Windows Server 2003 SP1 - Windows Firewall / IIS - HTTP

Discussion in 'Windows Networking' started by Stefan Alkman, Precio AB - Sweden, Jul 6, 2005.

  1. Hello!

    I have some problem with W2k3SP1 firewall. I'm setting up a couple of IIS
    Webbservers in an DMZ network. The server is going to run in an NLB cluster.

    My problem is that the "Windows Firewall" is not letting HTTP requests (port
    80) go in to the box on the second interface (that is going to be used as an
    NLB interface later). The firewall is configured as part of the Security
    Configuration Wizard. An if i look in the configuration port 80 is open in
    the firewall.

    Both interfaces is connected to the same network - one for management with a
    default route and a nother for NLB trafic without a default route.

    - If i disable the windows firewall it works greate - but if it is enabled
    all incomming http trafic stops on the interface (it is logged in the window
    firewall log as an drop).
    - If i put the ip address on the first interface (the one with default gw)
    the firewall lets the trafic thrue.
    - If i move the default gw setup to the other interface it forks.

    The problem is that in an NLB configuration the default GW should be on the
    "management" interface not on the NLB interface.

    Is this a known problem? Any idés of a solution? It would be nice to run the
    local firewall on the DMZ network.

    With best regards
    / Stefan Alkman, Precio
    Stefan Alkman, Precio AB - Sweden, Jul 6, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.