Hi all. Ran into an issue with the firewall blocking OA. I found it odd that I couldn't find anyone here who had this issue; else I am blind, dumb, or both. From the cmd line of the server (a 32bit XP VM), auditing works fine, with FW off, at targets in workgroups (W7 x64). Firewall on, no go, and a pretty useless error appears:
Problem Authenticating (1) to 10.x.x.x Error Number: 424 Error Description: Object required
Firewall off, no problem authenticating. (tested admin shares, mounted drives, yada yada - all good) A little network sniff sussed it out. What was required was a firewall rule on the target machines. I needed to allow the RPC protocol with dynamic port ranges.
The quick fix (not locked down, but useable)- Control Panel > Windows Firewall > Advanced > New Rule Rule Type - Port > Next TCP - All Local Ports > Next Allow > Next Choose Networks > Next Name your new rule > Finish.
Now open your new rule (that you named appropriately) and select the Protocols and Ports Tab. Under Local Port, select from the drop down menu " RPC Dynamic Ports" > Apply and Save.
The reason is, RPC listens on port 135, and then generates random unassigned ports for the rest of the communication. If this has been answered, apologies for another post it, it just stumped me for a bit.
If anyone has the time, or the inclination, bonus points for accomplishing the above using netsh advfirewall. Apologies, I just don't have the time right now.
Edit: Precise error description after replicating error again.
Last edited by algcstech on Tue Mar 26, 2013 3:56 am, edited 2 times in total.
|