Browser backup List and firewalls

  • Thread starter Thread starter James W. Long
  • Start date Start date
J

James W. Long

Dear All:

I run a software firewall (sygate) on this client
and this occurs.The client is trying to get to my DC,
but never makes it.

If I remove the firewall then no problem anymore.

I can browse the DC fine from the client. The DC can
browse this client.

what process or executable do I need to allow
(or ports) to let this nebios(?) communication through?

Thank you in advance!
James W. Long.


Event Type: Error
Event Source: BROWSER
Event Category: None
Event ID: 8032
Date: 12/26/2004
Time: 2:16:13 PM
User: N/A
Computer: HAL9000
Description:
The browser service has failed to retrieve the backup list too many times on
transport \Device\NetBT_Tcpip_{76E87BCB-41A8-440C-95C4-8586665FE1BF}. The
backup browser is stopping.
Data:
0000: 40 00 00 00 @...
 
In James W. Long <[email protected]> made a post then I commented below
:: Dear All:
::
:: I run a software firewall (sygate) on this client
:: and this occurs.The client is trying to get to my DC,
:: but never makes it.
::
:: If I remove the firewall then no problem anymore.
::
:: I can browse the DC fine from the client. The DC can
:: browse this client.
::
:: what process or executable do I need to allow
:: (or ports) to let this nebios(?) communication through?
::
:: Thank you in advance!
:: James W. Long.
::
::
:: Event Type: Error
:: Event Source: BROWSER
:: Event Category: None
:: Event ID: 8032
:: Date: 12/26/2004
:: Time: 2:16:13 PM
:: User: N/A
:: Computer: HAL9000
:: Description:
:: The browser service has failed to retrieve the backup list too many
:: times on transport
:: \Device\NetBT_Tcpip_{76E87BCB-41A8-440C-95C4-8586665FE1BF}. The
:: backup browser is stopping.
:: Data:
:: 0000: 40 00 00 00 @...

Is there an option in Sygate to allow all communication from an IP or a
range of IPs?

FYI: The browse ports are:
139 TCP and UDP (for NetBIOS)
445 TCP and UDP (for SMB)

If the client is XP, why not just use XP's ICF? It has provisions to allow
MS Client traffic.

Ace
 
FYI: The browse ports are:
139 TCP and UDP (for NetBIOS)
445 TCP and UDP (for SMB)
Click to expand...

You will possible need to include 137, 138
in some cases.

137 is mainly name registration & release and
name resolution.

I think 138 is used to register (offer services)
with the Master Browser. It might also be used
for elections.

Enabling NetBT to Open IP Ports Exclusively
http://support.microsoft.com/kb/241041

Assignments are outlined here:
http://www.microsoft.com/resources/...00/server/reskit/en-us/cnet/cnfc_por_SIMW.asp

http://www.microsoft.com/resources/...00/server/reskit/en-us/cnet/cnbb_tcp_jeps.asp

Programs and Services:

Server service if the machine offers shares.

Workstation service

If the machine is a Browser Master (or you want
to make sure it doesn't APPOINT itself as one by
failure to find another, you may need to include
the BROWSER service.
 
"Ace Fekay [MVP]"
In James W. Long <[email protected]> made a post then I commented below
:: Dear All:
::
:: I run a software firewall (sygate) on this client
:: and this occurs.The client is trying to get to my DC,
:: but never makes it.
::
:: If I remove the firewall then no problem anymore.
::
:: I can browse the DC fine from the client. The DC can
:: browse this client.
::
:: what process or executable do I need to allow
:: (or ports) to let this nebios(?) communication through?
::
:: Thank you in advance!
:: James W. Long.
::
::
:: Event Type: Error
:: Event Source: BROWSER
:: Event Category: None
:: Event ID: 8032
:: Date: 12/26/2004
:: Time: 2:16:13 PM
:: User: N/A
:: Computer: HAL9000
:: Description:
:: The browser service has failed to retrieve the backup list too many
:: times on transport
:: \Device\NetBT_Tcpip_{76E87BCB-41A8-440C-95C4-8586665FE1BF}. The
:: backup browser is stopping.
:: Data:
:: 0000: 40 00 00 00 @...

Is there an option in Sygate to allow all communication from an IP or a
range of IPs?
Click to expand...


yes there is and I have those set to the range that the clients/servers
occupy.

FYI: The browse ports are:
139 TCP and UDP (for NetBIOS)
445 TCP and UDP (for SMB)
Click to expand...


Thank you!
If the client is XP, why not just use XP's ICF? It has provisions to allow
MS Client traffic.
Click to expand...

Its not xp. Its a 2k box, I neglected to say what it was.
anyway I would prefer sygate over XP's firewall.

James
 
Wow:

Thanks Ace and Herb!

I know this info will get it straightened out.

James W. Long
 
One other caveat: The process may not be listed
as Workstation, Server, or Browser but may instead
appear as something else like SvcHost etc.

It seems the svchost processes are (sometimes) used
as an agent or something -- I never have fully understood
the hand-off of responsibility (but I don't like what
it does to a firewall because then it is difficult to make
an informed decision about the TRUE owning process
of the request.)
 
Back
Top