Opening port 51325 on firewall

Hello,
In order to get a fast response when the print properties are asked in Office, port 51325 has to be opened on the firewall. After some research on the web I still can't find any reason why...
Does anyone know what this port is used for? Are there any security issues?
Thanks in advance!

Can you provide information, links, etc., where you got this information that Office requires this specific port number? Also, is the port# you're referring to a TCP or UDP port?
FYI, TCP & UDP 51325 is part of the dynamic port ranges known as the Service Response Ports, or also known as the Ephemeral Ports. They are ports that are randomly selected (Windows Vista, Windows 2008 and newer operating systems) between TCP & UDP 49152 - 65535. In Windows 2000, 2003 and XP, they were 1024-5000. Windows NT used the whole range.
The initial port may be an attempt for Office or any other app, that needs access to something else, such as a mapped drive, or sending something to a printer. The initial port may more than likely be an RPC call on TCP 135, but the response from the destination host will be a randomly generated ephemeral port. And once the session is closed, the port is dissolved.
Here are more specifics on ports in an AD environment:
Active Directory Firewall Ports - Let's Try To Make This Simple (RODC, too)
Published by acefekay on Nov 1, 2011 at 4:31 PM
http://msmvps.com/blogs/acefekay/archive/2011/11/01/active-directory-firewall-ports-let-s-try-to-make-this-simple.aspx
Windows Vista, Windows 7, Windows 2008 and Windows 2008 R2 Service Response Ports (ephemeral ports) have changed.
http://support.microsoft.com/?kbid=929851
Ace Fekay
MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/
This post is provided AS-IS with no warranties or guarantees and confers no rights.
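
The pattern the answer describes (a lookup on a fixed port, followed by traffic on an OS-chosen dynamic port) can be reproduced on loopback. The following is an added example, not part of the original thread: it is a plain-socket analogue rather than Windows RPC, and `MAPPER_PORT`, the service names and all helper functions are assumptions made for illustration.

```python
import socket
import threading

MAPPER_PORT = 13135  # assumed unprivileged stand-in for the fixed TCP 135
DYNAMIC_RANGES = {   # dynamic port ranges quoted in the answer above
    "vista_2008_and_newer": (49152, 65535),
    "2000_2003_xp": (1024, 5000),
}


def in_dynamic_range(port, os_family="vista_2008_and_newer"):
    low, high = DYNAMIC_RANGES[os_family]
    return low <= port <= high


def listen(port):
    """Loopback listener; port 0 asks the OS for a free dynamic port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind(("127.0.0.1", port))
    s.listen(5)
    return s


def serve_mapper(listener, table, lookups):
    """Answer `lookups` requests of the form '<service name>\\n' with its port."""
    for _ in range(lookups):
        conn, _addr = listener.accept()
        with conn, conn.makefile("r") as f:
            name = f.readline().strip()
            conn.sendall(f"{table.get(name, 0)}\n".encode())


def lookup(mapper_port, name):
    """Client side: ask the fixed-port mapper where `name` is listening."""
    with socket.create_connection(("127.0.0.1", mapper_port), timeout=2) as c, \
            c.makefile("r") as f:
        c.sendall(name.encode() + b"\n")
        return int(f.readline())


def demo(mapper_port=MAPPER_PORT):
    # Two instances of a hypothetical service, each bound to an OS-chosen port.
    services = {name: listen(0) for name in ("spooler-a", "spooler-b")}
    table = {n: s.getsockname()[1] for n, s in services.items()}
    mapper = listen(mapper_port)
    t = threading.Thread(target=serve_mapper, daemon=True,
                         args=(mapper, table, len(table)))
    t.start()
    try:
        resolved = {n: lookup(mapper.getsockname()[1], n) for n in table}
        # The follow-up connection goes to the dynamic port, not the mapper's.
        for port in resolved.values():
            socket.create_connection(("127.0.0.1", port), timeout=2).close()
    finally:
        t.join(timeout=2)
        mapper.close()
        for s in services.values():
            s.close()
    pinned = resolved["spooler-a"]  # what a single-port firewall rule would hold
    return {"resolved": resolved, "bound": table,
            "pinned_rule_covers_b": pinned == resolved["spooler-b"]}


if __name__ == "__main__":
    print(demo())
    print("51325 in Vista+ dynamic range:", in_dynamic_range(51325))
```

A firewall rule pinned to the one port observed for the first instance does not cover the second, which is why a single high port such as 51325 is a fragile thing to allow.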

Similar Messages

  • RDS and Gateway issues: Cannot get remoteapps to run without opening port 3389 on firewall

    I am testing the setup of a small RDweb server to host QuickBooks for some remote sales users (4 users). For the most part, I have everything installed on one virtual server (using 2012r2 "Quick Start" session host deployment with the additional Licensing and Gateway server roles added to the same server).
    Everything works excellent with one exception. External clients cannot launch published apps without having port 3389 open on the firewall, even with the gateway role installed and the 'Deployment Properties' set to use the gateway. They can properly connect to the RDweb site and view the published apps. The only way it works is to open the firewall port (at which time I can disable the gateway or leave it configured and it works either way). Internally, everything works accordingly. I have followed the steps outlined on many sites and have combed through the forum here to no avail.
    Error received (summarized but is a well documented error):
    remote desktop can't connect to the remote computer: 1- Your user account is not listed (it actually is) or 2- You might have specified the remote computer in NetBios format . . etc.
    This is an existing SBS 2011 environment with additional virtual servers setup to host QuickBooks as outlined below:
    Current setup:
    Used Quick Start to install Remote Desktop Services in hosted sessions mode
    Installed the additional roles for Licensing and Gateway server on same server
    Configured wild card public certificates on all four services (Connection Broker(2), Web Access and Gateway)
    Configured internal DNS to properly lookup our external FQDN of this server (ex. quickbooks.contoso.com points to quickbooks.contoso.local)
    One thing I noticed (just now) when I launch a published app and the firewall has port 3389 closed, a dialog box pops up directly after launching the app that warns about running a RemoteApp program and mentions the Remote Computer and the Gateway Server as both the same (which it is); however, I would have assumed one would have listed the internal server's name while, instead, both are listed as the external FQDN. Either way, internal DNS should still allow it to properly route . . no? I don't know . . I'm sure I am just missing something in a routing configuration somewhere. The gateway service is not properly looking up the RDweb service and then seemingly not routing the encapsulated RDP session through HTTPS. . .. is my guess . .
    I was reading about the "set published name" commandlet; however, I am not experiencing a certificate name mismatch; however, the certificate name does show up as *.contoso.com versus the actual name. I may just be grasping at straws now . . :)

    Ok, while I was in the server and looking over the BPA scans: "The Remote Desktop Gateway (RD Gateway) server Secure Sockets Layer (SSL) certificate may not have a valid certificate subject name." This may be due to it showing up as *.companyname.com versus quickbooks.companyname.com. Anyhow. .. on to the list of actions above:
    Changed RD RAP from "Select Active Directory" group to "Allow any network resource" and tested with port 3389 closed on firewall:
    Worked. Initially it did not as I had used a custom shortcut created from earlier; however, after logging into the RDweb site again, the application loaded fine now (after the RD RAP change)
    No error message appeared; however, I did notice that for a split second, the word Error did appear in the browser's tab title, but only very shortly. The app launch does take a bit longer too now (about 10-15 seconds, up from about 4 seconds with the port open). This, I could care less about so long as we are properly forwarding the traffic through the gateway.
    As for log entries, I had spent quite a bit of time in there and only had minor issues with loading user profile settings taking too long and policy settings preventing the redirection of USB devices. Looking again, no issues still. Just a bunch of informational entries where I would connect before (and disconnect) but only with the port on the firewall open; otherwise, there was not an entry correlating to when I would receive an error before. Now though, I am connecting after the RD RAP change and logs are showing connections even with the port closed. These are in "operational", the "admin" log only shows the update to the RD RAP configuration.
    Yes, the LAN's DNS server does relay the lookup information for my public FQDN as the local LAN address. No need for a local host record.
    I have now added a new rule in our firewall to allow and forward UDP port 3391 traffic to the internal server hosting remote services
    Thank you very much for your assistance on this matter. The RD RAP rule was default built during the creation of this service. Why is the resource not cross-referencing AD security groups? I could have sworn I created a group for that . . .

  • Open port 5223 through firewall

    I was hoping to get a little assistance in opening a port through our ASA 5510. I need to allow a tcp connection for IP 65.74.157.196 on port 5223 through our firewall to the subnet 10.1.12.0/24.
    In the GUI, I created an access rule on our Outside interface with the source of 65.74.157.196 and the destination of 10.1.12.0/24 with the Service set to tcp 5223 and the Action is Permit.
    Is there anything else I need to configure?

    We are running 8.2.
    This is what I have:
    ACL
    access-list Outside-ISP1_access_in extended permit tcp host RemoteServerIP any 5223
    NAT
    static (Inside,Outside-ISP1) tcp interface 5223 10.1.12.55 5223 netmask 255.255.255.255
    10.1.12.55 is the inside address the remote server needs to communicate with on 5223
    I attached an image of the Packet Tracer results.

  • How do you open port 3283 when firewall is off?

    I've had no success trying to get ARD working on a new Snow Leopard Server 10.6.2 install on an XServe. Can't get it working from the Sharing control panel, and tried all the different syntax options in kickstart here
    http://discussions.apple.com/thread.jspa?threadID=2342445&tstart=15
    and here http://support.apple.com/kb/HT2370
    A port scan shows that port 3283 is closed, but the computer firewall is off, and there is no external firewall. Another 10.6.2 Server works fine on ARD, so it's internal to the first one.
    How can I open that port? Hoping that's the problem.
    Thanking anyone for feedback.

    It's probably a Mac OS X firewall fault, where it's actually holding that port closed even though it claims the firewall is off. I'd suggest you ask in the Mac OS X Server forum; you'll be more likely to get help with this problem there, this not being an ARD problem per se.
    This of course presumes that the Xserve isn't behind a router that might be filtering that port. If both Xserves are on the same subnet, that probably won't be the case, but if the problem Xserve is on a different subnet, you might check the router's filter.
    Regards.

  • Opening of TCP/IP Port 53 in Firewall

    Hi,
    I checked a few SharePoint blogs which say that for SharePoint 2013 you need to open port 53 in the firewall for "User Profile Synchronization Service (FIM)" to the DNS server.
    - What user profile sync is being done between the SP server and the DNS server? Isn't the user profile sync from the AD server?
    Please see the link http://technet.microsoft.com/en-us/library/cc262849.aspx
    Thanks
    Hari

    Thanks guys.
    My SP farm is in the cloud and AD & DNS are in a different cloud zone, hence a firewall is in between.
    I am an SP guy without much knowledge of firewalls, DNS & AD. The cloud infra team has rejected the request to open port 53 to the DNS server, with the reason: "This rule cannot be allowed as it will also cause functional issues for the Cloud VMs. Cloud VMs depends on Cloud internal DNS services to function. One method may be to consider if another AD/ DNS can be configured within G-Cloud as a VM. We apologize as we are unable to advise a solution, and even this needs to be submitted in this Pre-Qualification form for approval. Please note that Cloud VMs must not directly join the remote domain as this will cause the required DNS records to be missing."
    So I still this FIM to connect to AD-DS server or DNS server to fetch user information. 
    Thanks
    Hari

  • Firewall in 10.5, how to open ports and how to manage?

    I am pulling my hair out with the new firewall in 10.5. In 10.4 I could just set ports as I liked in the control panel, in 10.5 there is no such thing.
    I need to for example open port 49999 to allow PageSender to function in my network.
    I need to open port 5901 to work with JollyFast VNC, as port 5900 is used by Apple Remote Desktop and they conflict if they both use the same port.
    Some of these ports I need permanently open like 59999 and others for one session and then closed again, like 5901. Again in 10.4 I made the rule in the pref pane, ticked the box and Bob was your uncle. Now?
    I would like to be able to see what ports are open and active on the machine. I have no idea as to where I could see this.
    And at the same time I would like to keep the firewall as closed as possible as I am often on line in hotels etc.
    So I need help, is there a manual somewhere someone is aware of? Or do you have any answers?

    The new Application Firewall does not work in the same way as IPFW (the main firewall in 10.4).
    Instead of managing ports, it simply controls the access of applications to any port. Thus, if you want PageSender to receive connections, you simply need to switch the firewall to "Set access for specific services and applications", and then add PageSender to the list, with "Allow incoming connections". When you do this, PageSender will be able to receive connections on any port that it needs to.
    If you don't like this method of controlling connections, you can still use IPFW. Apple has removed the GUI, but you can download a GUI application like [NoobProof|http://www.hanynet.com/noobproof] or [WaterRoof|http://www.hanynet.com/waterroof/index.html], and you can then set access for specific ports.
    There are no problems with using both IPFW and Application Firewall.
    Cheers,
    Rodney

  • Can't update iOS 8 on my iPhone5 through iTunes on Windows 8 (error 3004, 3194). Updated host file, opened port 80, 443; turned off security system and firewall, etc. But nothing works. How to solve this problem?

    Can't update iOS 8 on my iPhone5 through iTunes on Windows 8 (error 3004, 3194). Updated host file, opened port 80, 443; turned off security system and firewall, etc. But nothing works. How to solve this problem?

    Hi the_mad_movies,
    It seems like this article will be the best option for addressing this issue:
    Error 3194, Error 17, or "This device isn't eligible for the requested build"
    http://support.apple.com/kb/ts4451
    Thanks for coming to the Apple Support Communities!
    Cheers,
    Braden

  • I need to open specific ports in the firewall - how do you do that?

    Hi There,
    I'm trying to setup a web development server on a spare mac mini but I can't figure out how to open ports for the MySQL server under Snow Leopard.
    Is there a way to do this? I've set the firewall to allow MAMP to open ports whenever it needs to but when I do a port scan of the Mac mini the MySQL port doesn't show up - SSH, HTTP and VNC do however.
    I'm happy to configure it via the Terminal but I can't find any info on how to do this in Snow Leopard as I think it's different from Leopard (based on what I've found online).
    e.g.
    $ ipfw show
    Gives me an error:
    "ipfw: socket: Operation not permitted"
    Any help would be much appreciated
    Cheers
    Ben

    After digging around it looks like Snow Leopard doesn't use ipfw for opening ports.
    Does anyone know how to open ports in Snow Leopard? Apple don't seem to have any info on this - besides the allow incoming connections for certain applications.
    Will try WaterRoof and see what happens.
    Cheers
    Ben
    Message was edited by: Ben Sciascia

  • Opening a port in the firewall

    I want to be able to use pulptunes, but I need to be able to open a port in my firewall (15000), how do I go about this?

    erikagwen,
    Leopard has a new "Application Firewall." What this means for you is that it will automatically configure itself to allow your application to communicate, opening ports as needed, provided you authorize it to do so. When you first launch the application, the firewall will detect the "sockets" that it creates, and ask if you wish to allow it to accept outside requests.
    It is also likely that you are behind a router, which will be running its own firewall. For this, you'll need to first determine the ports involved, then check and follow your router's documentation for forwarding those ports to your computer.
    Scott

  • RMI firewall issue - opening port 1099 is not enough

    Hello,
    We have a distributed java desktop app that uses RMI with callbacks to communicate amongst the clients. It all works really well at our dev site and at 2 trial sites.
    We are about to deploy out to more customer sites - so I have been doing more testing with firewalls etc and discovered some issues. Our customers are small businesses and typically have between 1 and 10 desktop clients that connect to the server via RMI. These customers are "very NOT technical", so we need to give them set-and-forget firewalls etc.
    This is all on a LAN, with RMI using port 1099. On the firewalls (of the various PCs) we open ports 1099 (RMI) and 5432 (for the Postgres DB).
    Also, I was using "CurrPorts" and "SmartSniff" to monitor the traffic at each PC - so I had a reasonable view of proceedings.
    Basically, opening port 1099 on the server is necessary, but it is NOT ENOUGH. The RMI moves off to ports other than 1099, and the server firewall does not allow the connection.
    Procedure ...
    (1) start the "server" app - which starts the RMI registry - the "localhost" desktop app also starts and it works well to both the database and the RMI.
    (2) start another client - it connects to the DB Server, but NOT the RMI server.
    (3) open the server firewall to all traffic for a few seconds - then the client connects successfully.
    From CurrPort logging I could watch the RMI comms progress over those first few minutes ...
    Initially the comms do include port 1099 on the initial call to the server, but thereafter there are always 2 or 3 "channels" open, but not to 1099.
    I notice that the Postgres DB keeps using port 5432 for all of its active channels - so it does not have the same firewall issue.
    After we have opened the firewall for a few seconds - to enable the link - then we can turn the client on and off and the client re-connects without issue - so it would seem to be only an issue with the initial connection.
    I am sure that this is all completely standard and correct RMI behavior.
    QUESTIONS:
    1. Can RMI be "forced" to always use port 1099 for connections, and not move to other ports? (like the database uses 5432)
    2. Are there any suggestions for getting around this seemingly standard RMI behaviour?
    Other comments ...
    The firewall lets me open individual ports (say 1099) - BUT I can not justify opening ALL ports.
    The firewall lets me open all ports to an application, say "C:\Program Files\Java\jre6\bin\java.exe", but that app will occasionally change at a customer's site as they will update their java version and suddenly our app will stop working.
    Any guidance is appreciated.
    Many Thanks,
    -Damian

    1. Can RMI be "forced" to always use port 1099 for connections
    Yes. Export all your servers on the same port. See UnicastRemoteObject constructor that takes an int, or UnicastRemoteObject.exportObject(int). If the RMI Registry is a separate process you can't re-use 1099 for this purpose, but see below.
    2. Are there any suggestions for getting around this seemingly standard RMI behaviour?
    Yes. Start the RMI Registry in the same JVM as the code, then you only need to use 1099 for everything.
    If you are using server socket factories, make sure they have an equals() method, or use the same instance for all remote objects.

  • Mac OS X Leopard Firewall/default open ports rpcbind?

    Hi,
    I'm looking into hardening/securing Mac OS X Leopard and noticed that port 111 rpcbind is open. Is rpcbind open by default? What are Leopard's default open ports on a fresh install?
    Also is there any way to run openbsd/freebsd PF firewall?
    Thanks!

    This is what nmap reports:
    Starting Nmap 4.76 ( http://nmap.org ) at 2009-03-02 12:28 EST
    Warning: Unable to open interface vmnet8 -- skipping it.
    Warning: Unable to open interface vmnet1 -- skipping it.
    Interesting ports on localhost (127.0.0.1):
    Not shown: 993 closed ports
    PORT STATE SERVICE
    111/tcp open rpcbind
    631/tcp open ipp
    1021/tcp open unknown
    1022/tcp open unknown
    1023/tcp open netvenuechat
    2049/tcp open nfs
    49152/tcp open unknown
    Nmap done: 1 IP address (1 host up) scanned in 10.55 seconds
    netstat -a | grep LISTEN confirms:
    tcp6 0 0 localhost.ipp . LISTEN
    tcp4 0 0 *.49152 . LISTEN
    tcp4 0 0 *.1021 . LISTEN
    tcp4 0 0 *.1022 . LISTEN
    tcp4 0 0 *.sunrpc . LISTEN
    tcp4 0 0 *.nfsd . LISTEN
    tcp4 0 0 *.1023 . LISTEN
    tcp4 0 0 localhost.ipp . LISTEN
    tcp6 0 0 localhost.ipp . LISTEN
    Not too sure what netvenuechat is and I have no idea why NFS is open/running. I'm not connecting to any NFS shares. How do I lock everything down?
    Any suggested IPFW rules?
    Here is what 'ipfw show' returns:
    3300 36 2160 deny icmp from any to me in icmptypes 8
    65535 866558 351141790 allow ip from any to any
    Thanks,
    Juan

  • Opening port in Firewall with Script instead of ServerAdmin?

    Hi,
    I tried to google this but didn't find good leads. What is the way to open ports in the OS X Server 10.5 Software Firewall by using a shellscript instead of the GUI ServerAdmin tool?
    thanks a lot
    simon

    At the most basic level:
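    #!/bin/bash
    # Source address allowed through the firewall (placeholder value)
    HOST_IP="123.123.123.123"
    # Add rule 30000: allow TCP from HOST_IP to destination ports 20-21
    /sbin/ipfw -f add 30000 allow tcp from "$HOST_IP" to any dst-port 20-21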
    This would add a single rule, assigned to rule number 30000. It opens ports 20 and 21 for the specified IP. After installing this rule via script there are various things that will cause your firewall to be flushed and the rule will be lost. For example, just poking around in ServerAdmin can cause an unintentional flush and reloading of the firewall rules - you'll need a way to run your script again when it happens.
    Check the man page and google for info on ipfw.
    David
    Message was edited by: DavidWil

  • IBCM SCCM 2012 r2 DO WE HAVE TO OPEN PORT 8531 IN EXTERNAL firewall

    Hi All
    IBCM SCCM 2012 r2 DO WE HAVE TO OPEN PORT 8531 IN EXTERNAL firewall for our site system in DMZ with role MP, SUP & DP

    I agree, for IBCM you need SSL.
    But as far as I know your Update Point isn't forced to run on SSL (8531) unless you tick your Update point with "Require SSL" within your update point configuration - which of course is the ideal configuration.
    And if that's the case it's running 8530.
    That's true, but for IBCM, as Peter pointed out HTTPS is required. Thus, if you don't configure your WSUS instance to run using SSL, I doubt that it will work simply because the client agent will be "smart" enough to see that you don't have an SSL capable WSUS instance and thus won't configure the WUA to use the non-SSL WSUS instance. I can't say I've tested this though, so it's possible that it works, but I doubt it.
    Jason | http://blog.configmgrftw.com | @jasonsandys

  • The access to our new chess hall may be blocked by your local firewall. You would need to reconfigure your firewall to open port 15010 for TCP traffic.

    How do I do the following so I can get into my chess program??
    The access to our new chess hall may be blocked by your
    local firewall. You would need to reconfigure your firewall to open port 15010
    for TCP traffic.

    This is not really Firefox related.
    What you need to do here is to read the firewall manual which usually explains how to create a rule for what you want to do.
    If you're using the Windows XP firewall, see this Microsoft article: http://windows.microsoft.com/en-US/windows-vista/Firewall-frequently-asked-questions

  • Opening port on a 5585 firewall

    New to firewalls, trying to open a port on a firewall to allow communication from source a.b.c.d port x to destination server e.f.g.h port y
    Would appreciate any help regarding syntax

    Hello,
    First of all you need the NAT rule and afterwards you can focus on the ACL.
    ACL would be like
    access-list Outside_In permit tcp host a.b.c.d host e.f.g.h eq 80
    access-group Outside_In in interface outside
    Looking for some Networking Assistance? 
    Contact me directly at [email protected]
    I will fix your problem ASAP.
    Cheers,
    Julio Carvajal Segura
    http://laguiadelnetworking.com
