So... I can't ping my Core server, and I can't remotely manage it!
Well it's time to get cosy with Windows Advanced Firewall, and configuring it using the netsh command :-)
If you want to get your boots on and get into it knee deep, you can list all the firewall rules using the command:
netsh advfirewall firewall show rule name=all
Wow, now there's something to get your teeth into and provide yourself with some gripping reading for the next 15 minutes... not. Well not unless you know what you are looking for... and unless you have already had a good play with this stuff, then you can probbly only make an educated guess at what it is that you are looking at.
So, the first thing I want to be able to do is to get IPv4 ping replies from my server. You might ask: "Surely there is already a rule that I can turn on to allow this", and the answer would be "Yes"... there is, but I find that the rule is named in a way that slightly throws you off course...
The rule is called "File and Printer Sharing (Echo Request - ICMPv4-In)"
So, take a look at it with the following command:
netsh advfirewall firewall show rule name="File and Printer Sharing (Echo Request - ICMPv4-In)"
You will see that the "Action" will be set to "Allow" ... buuut the "Enabled" parameter is set to "No"
So to enable this rule you use the following command:
netsh advfirewall firewall set rule name="File and Printer Sharing (Echo Request - ICMPv4-In)" new enable=yes
While most of that is self explanetory, I wondered what the "new" bit was for, well the built-in help explained that:
"Values after the new keyword are updated in the rule. If ther are no values, or keyword new is missing, no changes are made."
So there we go, the server is now ping-able using IPv4. If you use IPv6, then the rule name is almost identical .. just change the 4 to a 6!
Remote Admin, and other fun things will follow in my next post!
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment