none
how do i know if there is firewall in my LAN ? RRS feed

  • Question

  • Hi everyone,
    At my home LAN there are 2 SQL servers between which i cant make connections. The only reason for me failing to create connection between the 2 SQL servers is supposed to be a firewall existence that blocks data transportation from one machine to the other.
    My questions:
    How do i get to know whether the router upon which my lan is based, contains firewall ?
    How do i know if the antivirus both machines run contain firewall ?
    Assuming there is firewall, how do i make it accept port 1433 data ?
    Hopefuly i expressed myself clear enough given that my comprehension in firewalls and ports is poor.
    Thanks


    ps
    Thursday, March 26, 2009 6:12 PM

Answers

  • I am somewhat stumped.

    You could test file sharing.  Try something like dir \\laptop\c$ or net use t: \\laptop\c$.

    Maybe someone in the SQL Server forums would be able to help.
    • Marked as answer by pssheba Wednesday, April 1, 2009 6:54 AM
    Tuesday, March 31, 2009 11:39 PM

All replies

  • hi there,

    as per my experience, you can keep track of default gateway existence , but you cannot determine by any tools whether firewall is existed on network / between your 2 servers.

    why cant you ask your network administartor about this question .

    on windows clients you can easily find it out , but over a netwokr its tough


    sainath Windows Driver Development
    • Proposed as answer by David Shen Friday, March 27, 2009 9:40 AM
    Friday, March 27, 2009 6:46 AM
    Moderator
  • Hi,
    Thanks. This is home network and i'm its' admin, at least trying to be...
    ps
    Friday, March 27, 2009 10:38 AM
  • If this is a home network, then most likely it is a software firewall on the computer itself that would be blocking the port.  Turn off windows firewall (the most likely culprit) and try the connection again. Turn this off on both computers.  Then look and see if you have any third party firewalls, such as McAfee, Zone Alarm, Symantec, or something similar.  

    If you fully think there is a hardware firewall blocking the connection, we would need more information aboutt how everything is connected.  Trace the ethernet cables from the computer and tell us the model number of the device they are plugged into.  

    Hope this all helps.  

    Good luck.

    Scotty
    • Proposed as answer by David Shen Monday, March 30, 2009 4:12 AM
    Friday, March 27, 2009 3:55 PM
  • Hello,

    How do i get to know whether the router upon which my lan is based, contains firewall ?


              The best and the simple way to check the if the 1433 port is opened try telnet.

    Telnet ipaddress and the port

    Telnet 192.168.0.1 1433 and press enter and a blank screen should come and you will no that the particular pc is listning to the port.

    and also check

    How do i know if the antivirus both machines run contain firewall ?

    Depends on the AV and we dont know what kind of Antivirus you are using and nowadays usually all the AV applications have builtin Firewall System if you let us know the Name of Av it would be easier for us to let you know.


    Assuming there is firewall, how do i make it accept port 1433 data ?


    http://support.microsoft.com/default.aspx?scid=kb;en-us;842242

    Thanks and Hope it Helps








    Syed Khairuddin
    • Edited by Syed Khairuddin Friday, March 27, 2009 9:07 PM Add it
    • Proposed as answer by David Shen Monday, March 30, 2009 4:12 AM
    Friday, March 27, 2009 4:32 PM
  • Hello,

    How do i get to know whether the router upon which my lan is based, contains firewall ?


              The best and the simple way to check the if the 1433 port is opened try telnet.

    Telnet ipaddress and the port

    Telnet 192.168.0.1 1433 and press enter and a blank screen should come and you will no that the particular pc is listning to the port.

    and also check

    • How do i know if the antivirus both machines run contain firewall ?

      Depends on the AV and we dont know what kind of Antivirus you are using and nowadays usually all the AV applications have builtin Firewall System if you let us know the Name of Av it would be easier for us to let you know.


      Assuming there is firewall, how do i make it accept port 1433 data ?


      http://support.microsoft.com/default.aspx?scid=kb;en-us;842242

      Thanks and Hope it Helps

    Syed Khairuddin

    Hi Syed,
    This is what i did:
    I removed AV from both machines.
    I ran: telnet 192.168.2.103 1433
    This is what i got:
    connecting to 192.168.2.103...could not open connection to the host on port 1433 connect failed.

    Since there is a network connectio with the other machin (i see it using windows' "My network places") should i gathet that the router and its' port blocking is the source to all my dismay ?
    I'm truely grateful for your aid !
    Thanks

    ps
    Sunday, March 29, 2009 7:00 AM
  • Hi Scotty and thanks a lot,
    All I know about my router it is "Alactel". I dont have a model number but i'll search the documents, maybe I find some more information.
    Thanks a lot
    ps
    I tried to run "telnet laptop" and recieved the same notification that connection fails with port 23 which means the port is not the main issue. I cannot make any connectio to the other machine although i removed all AVs.
    Thanks
    Sunday, March 29, 2009 7:05 AM
  • Ok lets do a simple test.

    Take a cross cable and connect the two servers back to back without any switch or router in between you will be more sure.

    Thanks and Hope this Helps


    Syed Khairuddin
    Sunday, March 29, 2009 9:04 AM
  • What i did: I pulled 1st machine's cable off the router and connected it to the other machine. There was no connection between the 2 computers.
    Thanks
    ps
    Sunday, March 29, 2009 11:11 AM
  • You need a cross over cable. The cable which you pulled out from the router is the straight cable. To connect the same devices you need a cross over cable.

    Thanks

     

     


    Syed Khairuddin
    Sunday, March 29, 2009 11:22 AM
  • i see... i'll have to see if i have any. Since i alway worked with hubs and routers i doubt....Thanks anyway.
    ps
    Sunday, March 29, 2009 12:41 PM
  • Other things to try:

    With both machines connected to the router, open a command prompt on each and type ipconfig /all.

    Try to ping the router by address from both machines.  The router address should be listed as "Default Gateway", most likely 192.168.2.1, just like mine.

    C:\>ipconfig /all
    
    Windows IP Configuration
    
       Host Name . . . . . . . . . . . . : server03r2
       Primary Dns Suffix  . . . . . . . : Borg.local
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : Borg.local
    
    Ethernet adapter Local Area Connection 2:
    
       Connection-specific DNS Suffix  . : Borg.local
       Description . . . . . . . . . . . : NVIDIA nForce Networking Controller #2
       Physical Address. . . . . . . . . : 00-50-8D-7E-9C-F1
       DHCP Enabled. . . . . . . . . . . : No
       IP Address. . . . . . . . . . . . : 192.168.2.253
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 192.168.2.1
       DNS Servers . . . . . . . . . . . : 192.168.2.253
                                           192.168.2.252
                                           192.168.2.251
                                           192.168.2.1
       Primary WINS Server . . . . . . . : 192.168.2.253
       Secondary WINS Server . . . . . . : 192.168.2.250
                                           192.168.2.252
    
    C:\>ping 192.168.2.1
    
    Pinging 192.168.2.1 with 32 bytes of data:
    
    Reply from 192.168.2.1: bytes=32 time=2ms TTL=64
    Reply from 192.168.2.1: bytes=32 time=2ms TTL=64
    Reply from 192.168.2.1: bytes=32 time=1ms TTL=64
    Reply from 192.168.2.1: bytes=32 time=1ms TTL=64
    
    Ping statistics for 192.168.2.1:
        Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 1ms, Maximum = 2ms, Average = 1ms
    
    C:\>arp -a
    
    Interface: 192.168.2.253 --- 0x2
      Internet Address      Physical Address      Type
      192.168.2.1           00-11-50-3c-52-8c     dynamic
      192.168.2.28          00-15-5d-02-f9-02     dynamic
      192.168.2.29          00-15-5d-02-f9-03     dynamic
      192.168.2.251         00-15-5d-02-f9-01     dynamic
      192.168.2.252         00-15-5d-02-f9-00     dynamic
    


    Then try pinging the other machine.

    After pinging, type arp -a.

    You can also try telnet to the router, or open a web page such as http://192.168.2.1/
    • Proposed as answer by David Shen Monday, March 30, 2009 4:12 AM
    Sunday, March 29, 2009 8:23 PM
  • Hi bnborg,
    Here are the results of me acting according to your instructions

    ipconfig /all:

    Host name:              myPC
    Primary Dns Sufix:
    Node Type:              Hybrid
    IP Routing enable:      No
    WINS Proxy Enabled:     No
    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix .:
    Description.................:my network card
    Phisical address .......:my card's number
    Dhcp enabled:           Yes
    Autoconfiguration Enabled:     Yes
    IP address 192.168.2.102
    Subnet Mask:........255....
    Default Gateway:....................192.168.2.1
    DHCP Server......................192.168.2.1
    DNS Server ......................192.168.2.1

    As you can see my default server, DHCP Server and DNS Server are the same: the router.

    ping 192.168.2.1 to the router gave the following results:

    Reply from 192.168.2.1: bytes=32 time=1ms TTL=255
    Reply from 192.168.2.1: bytes=32 time<1ms TTL=255
    Reply from 192.168.2.1: bytes=32 time<1ms TTL=255
    Reply from 192.168.2.1: bytes=32 time<1ms TTL=255

    ping 192.168.2.103 to the other machine gave the following result

    Reply from 192.168.2.103: bytes=32 time<1ms TTL=128
    Reply from 192.168.2.103: bytes=32 time<1ms TTL=128
    Reply from 192.168.2.103: bytes=32 time<1ms TTL=128
    Reply from 192.168.2.103: bytes=32 time<1ms TTL=128

    arp -a results are:

    192.168.2.103 card's number dynamic

    telnet to gateway: failed
    telnet to the other machine failed

    http://192.168.2.1/ showed router's information. Firewall checkbox is signed: Disable

    is there any conclusion i can derive from the above ?
    I was talking to people who told me that with telnet it alway fail if there is no program "listening" in the otherside.
    About SQL server->client tey told me maybe it works only with ms windows2003 version. Mine is xp.
    Thanks a lot !

    ps
    Monday, March 30, 2009 6:44 PM
  • Well, you now know that you have basic ip connectivity between the two PCs, and that your router is not using a firewall.

    The problem might be with name resolution.  Try pinging the other PC by name.  If you get a message saying that the name is unknown, then you don't have name resolution.

    Some routers will provide dns services for the private lan, some don't.  On some, this can be configured from the routers web page.

    An alternative to this would be to use a hosts file.  This isn't that bad on a small home network.  All you need to do is open the file C:\WINDOWS\system32\drivers\etc\hosts with wordpad or notepad and add the lines for your PCs, such as:

    127.0.0.1         localhost        # Already in the existing file.

    192.168.2.102            myPC           #  Your
    192.168.2.103         OtherPC           #  PCs

    Put the file on each PC and test with ping by name.

    Note, the file is hosts with no extension, not hosts.txt.  Rename the new one if necessary.

     

    Tuesday, March 31, 2009 12:29 AM
  • Thanks bnborg
    I pinged "laptop" (thats the name of the client) and got:
    Pinging laptop  (192.168.2.103) with 32 bytes of data
    Reply from 192.168.2.103 = 32 time<ms TTL=128
    Reply from 192.168.2.103 = 32 time<ms TTL=128
    Reply from 192.168.2.103 = 32 time<ms TTL=128
    Reply from 192.168.2.103 = 32 time<ms TTL=128
    and more statistics...
    Bottom line: I do have name resolution and the problem is not laid there.
    operating: Telnet laptop returns: "Could not open connection to the host on port 23 connection failed
    operating Telnet laptop 1433 returns: Could not open connection to the host on port 1433 connection failed
    Any idea ?
    Thanks again


    ps
    Tuesday, March 31, 2009 1:30 PM
  • I am somewhat stumped.

    You could test file sharing.  Try something like dir \\laptop\c$ or net use t: \\laptop\c$.

    Maybe someone in the SQL Server forums would be able to help.
    • Marked as answer by pssheba Wednesday, April 1, 2009 6:54 AM
    Tuesday, March 31, 2009 11:39 PM
  • Thanks,
    I'll try other chanels. Thanks for your efforts. This is far more complicated then seen at first glance. It is connected to window's users privilleges, to enabling windows' services and windows' firewall. I'll try reading sql help for installing server althogh reading ms tutorials was never beneficial for me for it is full of links from one tutorial to another..
    Thanks again  
    ps
    Wednesday, April 1, 2009 6:54 AM