• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

NetBios Session/Datagram protocol blocked

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Access Policies >> NetBios Session/Datagram protocol blocked Page: [1]
Login
Message << Older Topic   Newer Topic >>
NetBios Session/Datagram protocol blocked - 28.Sep.2007 5:06:17 AM   
tsamoska

 

Posts: 4
Joined: 4.Oct.2004
From: Lithuania
Status: offline
Hi,

I noticed on my ISA 2006 that internal network workstations broadcast NetBios Sessian and Datagram protocol to my local network broadcast address and this is denied by iSA.

See logs from ISA below:




Denied Connection
Server 2007.09.28 11:52:58

Log type: Firewall service

Status:

Rule: Default rule

Source: Internal (192.168.6.37:138)

Destination: Local Host (192.168.7.255:138)

Protocol: NetBios Datagram

User:



Additional information

Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 192.168.6.37
Client agent:



Denied Connection
Server 2007.09.28 11:52:50

Log type: Firewall service

Status:

Rule: Default rule

Source: Internal (192.168.6.37:137)

Destination: Local Host (192.168.7.255:137)

Protocol: NetBios Name Service

User:



Additional information

Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 192.168.6.37
Client agent:
Questions are:
Why workstations try to connect to network brodcast IP? Some network configuration problems?
Do this need to be allowed?
Any Ideas?
Thak you in advance.

Regards
Tomas
Post #: 1
RE: NetBios Session/Datagram protocol blocked - 11.Oct.2007 10:17:23 AM   
Lockstock

 

Posts: 14
Joined: 11.Sep.2007
Status: offline
Hi there,

I am having the same issue. Did you find an answer?

Cheers

(in reply to tsamoska)
Post #: 2
RE: NetBios Session/Datagram protocol blocked - 12.Oct.2007 2:24:09 AM   
tsamoska

 

Posts: 4
Joined: 4.Oct.2004
From: Lithuania
Status: offline
Hi ,

Unfortunately I did not find answer yet.
Now a little bit busy, but will come back to this next week.
Hope that someone from community will advice until that

Regards
Tomas

(in reply to Lockstock)
Post #: 3
RE: NetBios Session/Datagram protocol blocked - 27.Dec.2007 4:55:42 AM   
Chris.Marsh

 

Posts: 4
Joined: 14.Jun.2005
From: UK
Status: offline
I found this was giving me a problem with AVG Remote installation and that this stopped the software from scanning the domain for workstations.  I guess that this is blocked by default to stop external sources from scanning your network, but I can't see any problems if this is allowed to 'Internal' and 'Local Hosts' only prehaps someone with more knowledge might come back with comments on this.

I have now created a new Access Rule: -
Name:                         NetBIOS Services
Allow/Deny:                   Allow
Protocols:                    NetBIOS Datagram & NetBIOS Name Service
Access Rule Sources:          Internal & Local Host
Access Rule Destinations:     Internal & Local Host
User Sets:                    All Users


This has cured my problem with AVG Remote Installation.

Any comments would be greatly appreciated!

Regards
Chris

(in reply to tsamoska)
Post #: 4
RE: NetBios Session/Datagram protocol blocked - 28.Dec.2007 5:47:15 PM   
shaunguthrie

 

Posts: 1
Joined: 28.Dec.2007
Status: offline
I had the exact same issue when configured with one network interface.  I had talked to a Microsoft ISA technician on some other issues and asked him this same question and if that was normal.  His responce was as follows

"Yes that is normal.  We do not want the internal interface of ISA using DHCP and we also don't allow netbios to the localhost per the system policy.  This is for security reasons."

(in reply to tsamoska)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Access Policies >> NetBios Session/Datagram protocol blocked Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts