Hello!
I have a problem with the W2k3SP1 firewall. I'm setting up a couple of IIS
web servers in a DMZ network. The server is going to run in an NLB cluster.
My problem is that the "Windows Firewall" is not letting HTTP requests (port
80) go in to the box on the second interface (that is going to be used as an
NLB interface later). The firewall is configured as part of the Security
Configuration Wizard. And if I look in the configuration, port 80 is open in
the firewall.
Both interfaces are connected to the same network - one for management with a
default route and another for NLB traffic without a default route.
- If I disable the Windows Firewall it works great - but if it is enabled
all incoming HTTP traffic stops on the interface (it is logged in the Windows
Firewall log as a drop).
- If I put the IP address on the first interface (the one with the default GW)
the firewall lets the traffic through.
- If I move the default GW setup to the other interface it works.
The problem is that in an NLB configuration the default GW should be on the
"management" interface not on the NLB interface.
Is this a known problem? Any ideas for a solution? It would be nice to run the
local firewall on the DMZ network.
With best regards
/ Stefan Alkman, Precio