SBS 2008 – Cannot RDP to machines via VPN or from other sites
KB ID 0000193 Problem The firewall policy that Server 2008 uses out of the box only allows RDP connections from the local LAN. This is great in an office environment, but it you have remote VPN clients (On a different IP range) that can’t get access to your client PC’s or member servers via RDP, not so good. If you have a member server running terminal services for example, then having RDP blocked will stop it working. You...
McAfee ePO – Client Firewall Exceptions to Allow Agent Deployment
KB ID 0000952 Problem It’s been a while, since I deployed ePO, and as I’ve got a big McAfee roll-out coming up I thought I’d better run it up on the test bench and see how much it’s changed since version 4. As the prospective client is going to use Server 2012 and Windows 8, that’s what I tested it with. Despite my best efforts the the McAfee agent (8.6) refused to deploy to the clients as long as I had...
Juniper SRX Firewall – Allow ‘Ping’
KB ID 0000706 Problem I was working on an SRX100B Firewall yesterday, and needed to be able to ping the outside interface. Solution Note: You can quickly enable ping on a physical interface from CLI like so; set security zone security-zone trust interface ge-0/0/0 host-inbound-traffic system services ping 1. Log into the web console of the Juniper. 2. Navigate to Security > Zones/Screen > Select the ‘Untrust’ Zone...
Juniper SRX Firewall – Allow Web Management from Outside
KB ID 0000708 Problem Assuming you already have web management enabled, and you want to access it from the outside (the untrusted zone). Solution 1. Log into the web console of the Juniper. 2. Navigate to Security > Zones/Screen > Select the ‘Untrust’ Zone > Edit > Host inbound traffic – Interface > Select the Outside interface > Under Interface services add in ‘http’ > OK. 3. Then...
Juniper SRX – ‘The Routing Subsystem Is Not Running’
KB ID 0001045 Problem While trying to deploy Solarwinds to monitor a Juniper SRX failover cluster, we were having no joy connecting to the management interface of the secondary/standby firewall. The management (fxp0) interface on the primary (node0) firewall we could get to OK. ] After jumping on the secondary firewall (via the console connection) we observed the following; error: the routing subsystem is not running Solution As you...