IT Problem

I had an issue at a client site this week where the server looked absolutely fine, however all the pc`s could not see the server, authenticate to it or even ping it for that matter.This was on a Domain Controller and also a file and print server. Symptoms include pings one way only.

 

IT Solution

After digging around and speaking to some colleagues it turns out it is an issue with an update to server 2008 R2 which effects the windows firewall. The strange thing is even disabling the firewall does not resolve the issue. Follow the below to resolve this issue.

1.) First make sure that the firewall service is started services. So start > run > and enter services.msc. Then a make sure the windows firewall is set to start automatically and it is also started.

 

 

2. Now go to start then run and enter firewall.cpl, make sure that it is set to enabled and that it is not set to block all traffic.

 

 

 

Then go to the Allow a program or feature through the Windows Firewall setting and make sure that you enable the ports that you need, such as active directory domain services , file replication dns, dhcp etc.

 

 

3.)We then need to add a couple of keys into the registry. So go to start then run and enter regedit. then browse to the keys below and enter them.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

On the right create a new dword value called MaxUserPort and set the decimal value to 65535.

 

Again browse to the below

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters

and again enter a dword value called SocketPoolSize witha decimal value of 500.

 

Finally reboot your server and you pc`s should be able to connect to the domain.

Tags: firewall

• Next
• Prev