Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

SP1 Firewall/ Adding a program as an exception

54 views
Skip to first unread message

Mark

unread,
Jun 20, 2005, 12:51:05 PM6/20/05
to
Hi,

I have just upgraded my SBS 2003 machine to SP1 via Windows Update. It has
gone pretty well! I do have one problem, however.

I have SBS standard edition. My machine has two NICs. One connects to a
firewall and then to the internet, the other connects to the LAN so all
clients connect via the server, which connects via a dedicated Firewall.

Now my anti-virus program sits on the server also, and all the client
machines connect to it for updates and centralized reporting. The clients can
no longer see the anti-virus server, and I need to add an Exception to the
Windows Firewall on the server machine to allow the LAN-side machines.

Now here is my problem. When I run Control Panel / Windows Firewall on the
server machine I get a dialog:

Windows Firewall cannot run because another program or service is running
that might use the network address translation component (Ipnat.sys).

So, how do I add a program as an exception?

Thanks for your help,

- Mark


Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

unread,
Jun 21, 2005, 1:33:28 AM6/21/05
to
http://www.sbslinks.com/group.htm add the exceptions there

Mark wrote:

--
An open letter to the Security Community::
http://msmvps.com/bradley/archive/2004/12/12/23540.aspx

Crina Li (MSFT)

unread,
Jun 21, 2005, 8:42:50 AM6/21/05
to
Hi Mark,

Thank you for posting in SBS newsgroup. Hi Susan, Thanks for your input.

From your description, I understand you want to know how to let the
anti-virus program pass the firewall. If I have misunderstood your
concerns, please do not hesitate to let me know.

Regarding Windows Firewall, by default, the firewall is disabled on SBS
because the SBS uses the Basic Firewall in RRAS to protect the LAN and the
SBS itself. Also, since SBS host many services, if you enable the Windows
firewall on SBS, it will result in many problems. When you enable the
option, then a Windows Firewall bounce box will occur which tell that you
can not enable the firewall.

If you want to add program exception, please try the steps of the article
http://www.sbslinks.com/group.htm which Susan has provided.

Please also refer to the section Configuring Windows Firewall for a Windows
Small Business Server Environment of the following document:
http://www.microsoft.com/technet/prodtechnol/sbs/2003/deploy/sbs_xpsp2.mspx

You may also need to contact the anti-virus software provide to check which
port is needed or which application is needed to be added to the exception
list.

I will look forward to your reply.

Best regards,

Crina Li (MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: SP1 Firewall/ Adding a program as an exception
| | From: "=?Utf-8?B?TWFyaw==?=" <Ma...@discussions.microsoft.com>
| Subject: SP1 Firewall/ Adding a program as an exception
| Date: Mon, 20 Jun 2005 09:51:05 -0700
| | Newsgroups: microsoft.public.windows.server.sbs

Mark

unread,
Jun 21, 2005, 6:09:02 PM6/21/05
to
Thanks to Crina and Susan. That's great support!

Crina Li (MSFT)

unread,
Jun 21, 2005, 9:21:29 PM6/21/05
to
Hi Mark,

Thanks for your reply.

I am glad to hear the problem is resolved.

It is my pleasure to work with you in this post. If you encounter any
difficulties in the future, please submit the post to the newsgroup. We
are glad to be of the assistance.

Again, thank you for using Microsoft newsgroup. Have a nice day. :)

Best regards,

Crina Li (MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: SP1 Firewall/ Adding a program as an exception
|| From: "=?Utf-8?B?TWFyaw==?=" <Ma...@discussions.microsoft.com>

| References: <E67728C3-147A-4C60...@microsoft.com>
<euo886ld...@TK2MSFTNGXA01.phx.gbl>
| Subject: RE: SP1 Firewall/ Adding a program as an exception
| Date: Tue, 21 Jun 2005 15:09:02 -0700
| | Newsgroups: microsoft.public.windows.server.sbs

0 new messages