Home / server / Questions / 355297
Accepted
psyklopz
Asked: 2012-01-31 19:53:17 +0800 CST

Simple? Network issue, been fighting with all day

  • 772

I've got a simple set up here:

        Client C                (Internet)
        10.10.10.5 (Static)         |
        255.255.255.0               |
                  \                 |
                   \             X.X.X.X
Server 2008         \          Untangle Router              Client A (Win 7)
10.10.10.10 (Static)-----10.10.10.2      10.10.11.2---------10.10.11.X (DHCP)
255.255.255.0       /    255.255.255.0   255.255.255.0
                   /
                  /
        Client B (Win 7)
        10.10.10.X (DHCP)
        255.255.255.0

Client A can ping Client B. File share also works. Client B can ping Client A. File share also works. Server can ping Client A. File share also works. Server can ping Client B. File share also works. Client B can ping Server. File share also works. Client A CANNOT ping Server. File share does not work.

I've disabled the firewall on Server. Why does the server reject traffic outside its subnet (Client A) but Client B accepts it?

Edit: Here's proof that the packets are leaving the 10.10.10.2 interface of the UT.

Mon Jan 30 2012 23:54:35 GMT-0500 (Eastern Standard Time)
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
23:54:39.197107 IP 10.10.11.50 > 10.10.10.10: ICMP echo request, id 1, seq 223, length 40
23:54:43.952136 IP 10.10.11.50 > 10.10.10.10: ICMP echo request, id 1, seq 224, length 40
23:54:48.844599 IP 10.10.11.50 > 10.10.10.10: ICMP echo request, id 1, seq 225, length 40
23:54:53.885277 IP 10.10.11.50 > 10.10.10.10: ICMP echo request, id 1, seq 226, length 40
23:54:58.902342 IP 10.10.11.50 > 10.10.10.10: ICMP echo request, id 1, seq 227, length 40

5 packets captured
5 packets received by filter
0 packets dropped by kernel
Mon Jan 30 23:55:03 EST 2012 - Test Complete!

Edit #2: I've added Client C, which is also a static IP. I can ping it successfully as well. This is just to verify that the Untangle wasn't doing anything hokey with computers it had not assigned the IP to.

Edit #3: Pings get replied to, until just before the server is all the way booted up. Then the suddenly stop going through...

windows-server-2008-r2 windows-firewall untangle

3 Answers

  1. Best Answer

    Here's to a lucky 1AM fix...

    An old Kaspersky firewall existed from years ago. EVEN THOUGH IT HAD BEEN INSTALLED, PIECES REMAINED and had to be removed by the Kaspersky removal tool.

    • 1

  2. I think the same as many commentators: Your router seems to be the problem here. Make sure it routes IP traffic in both directions correctly between the two networks.

    • 0

  3. You say you disabled the firewall on server.

    Did you also reboot server after that ?

    In my experience Win7 and Server 2k8 have an annoying tendency to keep using TCP settings (including firewall) AFTER they got changed. It takes a reboot to get them fully in effect.

    (Among other things they keep honoring ARP's for the old IP address after you change the IP. Makes troubleshooting very "interesting".)

    Other than that: Packet capture on the server to really make sure things arrive there, just like ErikA already suggested.

    • 0