NetBios Session/Datagram protocol blocked (Full Version)

All Forums >> [ISA 2006 Firewall] >> Access Policies



Message


tsamoska -> NetBios Session/Datagram protocol blocked (28.Sep.2007 5:06:17 AM)

Hi,

I noticed on my ISA 2006 that internal network workstations broadcast NetBios Sessian and Datagram protocol to my local network broadcast address and this is denied by iSA.

See logs from ISA below:




Denied Connection
Server 2007.09.28 11:52:58

Log type: Firewall service

Status:

Rule: Default rule

Source: Internal (192.168.6.37:138)

Destination: Local Host (192.168.7.255:138)

Protocol: NetBios Datagram

User:



[image]http://forums.isaserver.org/file:///C:/Program%20Files/Microsoft%20ISA%20Server/UI_HTMLs/_image/general/minusImg.gif[/image] Additional information

Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 192.168.6.37
Client agent:



Denied Connection
Server 2007.09.28 11:52:50

Log type: Firewall service

Status:

Rule: Default rule

Source: Internal (192.168.6.37:137)

Destination: Local Host (192.168.7.255:137)

Protocol: NetBios Name Service

User:



[image]http://forums.isaserver.org/file:///C:/Program%20Files/Microsoft%20ISA%20Server/UI_HTMLs/_image/general/minusImg.gif[/image] Additional information

Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: 192.168.6.37
Client agent:
Questions are:
Why workstations try to connect to network brodcast IP? Some network configuration problems?
Do this need to be allowed?
Any Ideas?
Thak you in advance.

Regards
Tomas




Lockstock -> RE: NetBios Session/Datagram protocol blocked (11.Oct.2007 10:17:23 AM)

Hi there,

I am having the same issue. Did you find an answer?

Cheers




tsamoska -> RE: NetBios Session/Datagram protocol blocked (12.Oct.2007 2:24:09 AM)

Hi ,

Unfortunately I did not find answer yet.
Now a little bit busy, but will come back to this next week.
Hope that someone from community will advice until that[;)]

Regards
Tomas




Chris.Marsh -> RE: NetBios Session/Datagram protocol blocked (27.Dec.2007 4:55:42 AM)

I found this was giving me a problem with AVG Remote installation and that this stopped the software from scanning the domain for workstations.  I guess that this is blocked by default to stop external sources from scanning your network, but I can't see any problems if this is allowed to 'Internal' and 'Local Hosts' only prehaps someone with more knowledge might come back with comments on this.

I have now created a new Access Rule: -
Name:                         NetBIOS Services
Allow/Deny:                   Allow
Protocols:                    NetBIOS Datagram & NetBIOS Name Service
Access Rule Sources:          Internal & Local Host
Access Rule Destinations:     Internal & Local Host
User Sets:                    All Users


This has cured my problem with AVG Remote Installation.

Any comments would be greatly appreciated!

Regards
Chris




shaunguthrie -> RE: NetBios Session/Datagram protocol blocked (28.Dec.2007 5:47:15 PM)

I had the exact same issue when configured with one network interface.  I had talked to a Microsoft ISA technician on some other issues and asked him this same question and if that was normal.  His responce was as follows

"Yes that is normal.  We do not want the internal interface of ISA using DHCP and we also don't allow netbios to the localhost per the system policy.  This is for security reasons."




Page: [1]