
Settings for getting Hyper-V working in PAN



Hello,

I have been struggling with this all day, and I think I have it narrowed down, but can't seem to nail it down yet.

I have a test Hyper-V 2012 server in the data center, and all my services are working properly, except being able to connect to the VMs via Virtual Machine Connection. It uses TCP port 2179 and is basically RDP, just running on this port instead of 3389. I have everything else working properly, but for some reason, when I add a service with this port, it breaks the MSRPC application, and if I add the TCP port to an application object, it still doesn't work. Looking at the logs and the pcaps, the firewall is doing what it is supposed to and dropping them, but it shouldn't be if I have the rules set up.

After spending 8 hours searching Google, Bing, Yahoo, Ask, and countless other search engines, including here, I have found not a single person or organization that is running Hyper-V behind a Palo Alto Firewall.

Any direction as to how to set up the Application or the Service to get this working would be great. Currently I have this server doing an allow all from both zones, so basically this server is not being protected by my firewall at all.

Any help would be greatly appreciated.

Thanks,

Lucas Williams


3 REPLIES


I figured it out. I ended up moving away from the App-ID way and going with services. I just looked at the network flow and saw what ports were being called and created services for each port and then put them into a Service Group and applied it to my Hyper-V rule and now everything is working.

Thanks for following up on this one, I'm sure it will help other folks who are in a Hyper-V environment

To be more specific about what I did:

  1. I created the following Services with these ports
    1. ms-rpc: tcp/135,49154
    2. ms-ds-smb-tcp: tcp/445,139
    3. ms-ds-smb-udp: udp/445
    4. hyper-v-rdp: tcp/2179
  2. I then created a Service Group called Hyper-V-SVG and added those services to it.
  3. I applied this service group to my Hyper-V server rule, allowing it, and everything worked!
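To see what the port-based rule above actually permits, and what it drops, here is an added example that models the four service objects and the Hyper-V-SVG group as plain Python and evaluates a handful of constructed flows against them. It is not code from the thread or from Palo Alto Networks; the host address, the sample flows and the function names are assumptions made for illustration.

```python
"""Model the port-based service group from the thread and evaluate flows against it.

Added example (not from the original post or from Palo Alto Networks). Uses only the
Python standard library; the Hyper-V host address and the flows are constructed.
"""
from dataclasses import dataclass

# Service objects as listed in the thread: name -> (protocol, set of destination ports)
SERVICES = {
    "ms-rpc": ("tcp", {135, 49154}),
    "ms-ds-smb-tcp": ("tcp", {445, 139}),
    "ms-ds-smb-udp": ("udp", {445}),
    "hyper-v-rdp": ("tcp", {2179}),
}

# Service group named in the thread, referencing the objects above
SERVICE_GROUPS = {"Hyper-V-SVG": ["ms-rpc", "ms-ds-smb-tcp", "ms-ds-smb-udp", "hyper-v-rdp"]}

# Hypothetical Hyper-V host address (assumption, not from the thread)
HYPERV_HOST = "10.0.0.10"


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    dport: int


def matching_service(flow: Flow, group: str = "Hyper-V-SVG"):
    """Return the first service object in the group that matches the flow, else None."""
    for name in SERVICE_GROUPS[group]:
        proto, ports = SERVICES[name]
        if flow.proto == proto and flow.dport in ports:
            return name
    return None


def rule_verdict(flow: Flow, host: str = HYPERV_HOST) -> str:
    """Emulate the single allow rule: the destination must be the Hyper-V host and
    the flow must match a member of Hyper-V-SVG; anything else falls through to
    the implicit deny."""
    if flow.dst != host:
        return "deny"
    return "allow" if matching_service(flow) else "deny"


def unmatched_flows(flows, host: str = HYPERV_HOST):
    """Denied (proto, dport) pairs aimed at the host: the list a defender reviews
    before deciding whether a service object is missing or the traffic is unwanted."""
    return sorted({(f.proto, f.dport) for f in flows
                   if f.dst == host and rule_verdict(f, host) == "deny"})


# Constructed sample flows (not real log data)
SAMPLE_FLOWS = [
    Flow("10.0.1.50", HYPERV_HOST, "tcp", 2179),   # Virtual Machine Connection
    Flow("10.0.1.50", HYPERV_HOST, "tcp", 135),    # RPC endpoint mapper
    Flow("10.0.1.50", HYPERV_HOST, "tcp", 49154),  # dynamic RPC port seen in the thread
    Flow("10.0.1.50", HYPERV_HOST, "udp", 445),    # SMB over UDP, as defined above
    Flow("10.0.1.50", HYPERV_HOST, "tcp", 49155),  # another dynamic RPC port: dropped
    Flow("10.0.1.50", HYPERV_HOST, "tcp", 3389),   # plain RDP: not in the group
    Flow("10.0.1.50", "10.0.0.11", "tcp", 2179),   # different destination: not covered
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f"{f.proto}/{f.dport} -> {f.dst}: {rule_verdict(f)} ({matching_service(f)})")
    print("denied at host:", unmatched_flows(SAMPLE_FLOWS))
```

One caveat the model makes visible: tcp/49154 is a dynamic RPC endpoint from the Windows default range (49152 to 65535), assigned when the service starts, so pinning a single port is fragile across hosts and reboots. The `unmatched_flows` list is the thing to watch in the traffic log after deploying the rule: a drop on another port in that range points at a missing service object, whereas a drop on tcp/3389 is the rule doing its job.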