×
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
dean4if
Contributor II
Message 1 of 7

McAfee Firewall blocking ability to find Domain Controller

Jump to solution

On my internal network, I have a Windows 2012 R2 Domain Controller running an instance of McAfee Total Protection. When the Firewall is enabled, I get a NETLOGON Event 5719 and failures as well as failures generating SSPI context. When I temporarily turn off the Firewall on the Domain Controller, these problems go away. I have added the recommended Active Directory Domain Services ports to the Firewall, but still get these connection problems. Is there a way to disable the McAfee Firewall and enable use of the built in Windows Firewall on the Domain Controller?

Thanks, Dean

Tags (1)
1 Solution

Accepted Solutions
dean4if
Contributor II
Message 5 of 7

Re: McAfee Firewall blocking ability to find Domain Controller

Jump to solution

The short response is ... I found the problem and all is now good.

The long response is ... I am recovering from an attack that crashed most of my internal network that has been running mostly problem free for well over 15 years.  I use the network, along with various Virtual Machine servers to test and investigate Web and SQL based technologies used for my 'day job'. and setup and evaluate new technologies like SharePoint, Exchange Email and Team Foundation Server (TFS).

Problems sometimes lead to changes that are positive in the long run ... In my case, the problems caused me to stop using my own Exchange Email server and go to a reasonably priced hosted solution and this has been a wonderfully positive experience.

But, my work involves strong technical experience in Web and SQL technologies, so I am rebuilding IIS and SQL servers for an Active Directory network supporting my ongoing analysis and testing needs.

So to answer how I found and fixed my problem reported in this post, here goes.

Before the problems noted above, I was using Windows Firewall and the advanced features to open appropriate ports (based on Public, Private and Domain environments) for various VM servers as needed (for example, Port 80 and 443 for Web Servers).

While working to recover from the problems, I installed McAfee Total Protection (supporting as many devices as I need, which is a great offering) on every new VM that I had to build.

Because I was used to the Windows Firewall, this influenced my mindset on how to configure the McAfee Personal Firewall installed as part of the Total Protection package.  I focused on using the 'Ports and System Services' settings and not on the 'My Network Connections' settings.

By properly defining the appropriate subnets for Home versus Work versus Public in the 'My Network Connections' settings, I was able to get all of my internal servers communicating and my problems are all now resolved.

Hope these details might offer someone else down the road some useful info ... Best regards, Dean

View solution in original post

6 Replies
sivasubramanian
Moderator
Moderator
Message 2 of 7

Re: McAfee Firewall blocking ability to find Domain Controller

Jump to solution

Hi,

By any chance are you using an enterprise product or which McAfee product that you are using.

Regards,
Siva

 

If this information was helpful in any way or answered your question, please mark it as the accepted solution and give Kudos if appropriate.
Tags (1)
dean4if
Contributor II
Message 3 of 7

Re: McAfee Firewall blocking ability to find Domain Controller

Jump to solution

Hi Siva,

The Personal Firewall component of the Total Protection product.

Thanks for any info you can offer ... Regards, Dean

sivasubramanian
Moderator
Moderator
Message 4 of 7

Re: McAfee Firewall blocking ability to find Domain Controller

Jump to solution

Hi Dean,

I have sent you a PM

Regards,
Siva

 

If this information was helpful in any way or answered your question, please mark it as the accepted solution and give Kudos if appropriate.
dean4if
Contributor II
Message 5 of 7

Re: McAfee Firewall blocking ability to find Domain Controller

Jump to solution

The short response is ... I found the problem and all is now good.

The long response is ... I am recovering from an attack that crashed most of my internal network that has been running mostly problem free for well over 15 years.  I use the network, along with various Virtual Machine servers to test and investigate Web and SQL based technologies used for my 'day job'. and setup and evaluate new technologies like SharePoint, Exchange Email and Team Foundation Server (TFS).

Problems sometimes lead to changes that are positive in the long run ... In my case, the problems caused me to stop using my own Exchange Email server and go to a reasonably priced hosted solution and this has been a wonderfully positive experience.

But, my work involves strong technical experience in Web and SQL technologies, so I am rebuilding IIS and SQL servers for an Active Directory network supporting my ongoing analysis and testing needs.

So to answer how I found and fixed my problem reported in this post, here goes.

Before the problems noted above, I was using Windows Firewall and the advanced features to open appropriate ports (based on Public, Private and Domain environments) for various VM servers as needed (for example, Port 80 and 443 for Web Servers).

While working to recover from the problems, I installed McAfee Total Protection (supporting as many devices as I need, which is a great offering) on every new VM that I had to build.

Because I was used to the Windows Firewall, this influenced my mindset on how to configure the McAfee Personal Firewall installed as part of the Total Protection package.  I focused on using the 'Ports and System Services' settings and not on the 'My Network Connections' settings.

By properly defining the appropriate subnets for Home versus Work versus Public in the 'My Network Connections' settings, I was able to get all of my internal servers communicating and my problems are all now resolved.

Hope these details might offer someone else down the road some useful info ... Best regards, Dean

apetzTA
Contributor
Message 6 of 7

Re: McAfee Firewall blocking ability to find Domain Controller

Jump to solution

Oh I have no idea what this means. I am really bad when it comes to handle all info and overall the spectra on this topic. It is always so very much info to read. I is as everyone need to be educated in IT. I am more the abstract academic thinker.....But seriously, when you cant process all info, and the problem is that I am highjacked. Have just let the program run uppdating, cleaning etc, but how can I be sure that the person is blocked?

 

I have deaththreats. It started on my smartphone that in this writing moment, taken care of by the Stockholm police. Then I realezed that he was in my PC as well. Even in my recerve mobile that mostly is offline. It is no simcard in it, but I can google and do some things. I was in the same situation 2016. The highjacker was very skilled. I was not the  first or only person he hacked. No one belived me. I was taken by the police to the psychiatric clinic. After a week they let me go, cause I was playing along. I throu myself on th PC and googled in swedish, can you highjack a smartphone? The first hit was Swedish Television News loggotype. There the security expert explained exactly just what happened to me. Like taking photoes, recording etc. I knew I was not in a psycosis! I am a theologist and am very careful when I express myself on the subject Islam. I observe more than I write. But I listen a lot to schollar classes etc. I have a severe disease so I can not use my knowlede as I would have if I was healthy. So you think by 95%, he or they just want to scare you. But am I willing to take the acute threat at that moment by not leaving my home. Ex, The threat is clear, the google map where I live, the car an the week after, google map showing that the car was about ten minutes away. I took my dogs and electric wheelchair and left. As you understand I did not want to get in contact with the local police. I drove home after some hours totally exhausted. I left the dogs and took my phone that had been home when I rolled of course. So I sent it to our capital city and is still an open case. 

Now I am using a non computer phone, but of course I want to go online. So I use my PC. But it is not only me controlling it. I hope the Affee protection helps. I feel wathced, listend to, etc all the time. 

I would appriciate some advice. 

Kindly

Annika

 

 

 

Tags (1)
sivasubramanian
Moderator
Moderator
Message 7 of 7

Re: McAfee Firewall blocking ability to find Domain Controller

Jump to solution

@apetzTA

Do you still face this issue in your PC now.  Does McAfee shows your computer is secured. 

If this information was helpful in any way or answered your question, please mark it as the accepted solution and give Kudos if appropriate.
How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community