Skip navigation

Users can't login if firewall is on

507 Views 8 Replies Latest reply: Feb 15, 2012 10:10 AM by Kurt Lang RSS
Kurt Lang Level 7 Level 7 (31,510 points)
Currently Being Moderated
Feb 14, 2012 10:08 AM

Although our server is behind a NAT firewall enabled router, I'd still like to have the built in firewall on. But if I turn it on, then we can't login to the server.

 

For info, we have a very simple setup. Two workstation Mac Pros and the server running on an older iMac are all connected to the same broadband router. Firewall off, no problem logging in from the Mac Pros. Firewall on, neither can login.

 

What settings do I need on the server to allow access to shared drives and folders with the firewall on?

Mac Pro, Mac OS X (10.6.8), Creo Eversmart Supreme II, Epson Stylus Pro 4900
  • Trey Level 5 Level 5 (4,220 points)
    Currently Being Moderated
    Feb 15, 2012 7:29 AM (in response to Kurt Lang)

    Are the clients bound to the server? Do you have users with home folders on the server, or do they only log in for file sharing?

     

    If it's jsut file sharing, I think all you should need would be Apple File Service (AFP) - 584 and (maybe) SMB/CIFS - Windows File Service - 139. Looks like both of those are on by default though, so maybe you have more going on than that?

  • Trey Level 5 Level 5 (4,220 points)
    Currently Being Moderated
    Feb 15, 2012 9:45 AM (in response to Kurt Lang)

    Sweet! Glad I could help! If you want to be EXTRA sure, you could disable all the services you know you aren't running. VPN and SSH stick out in my mind as being places where you could lock things down. Just go to the same Services panel where you enabled AFS and uncheck those boxes. Make sure to hit "save!"

  • Trey Level 5 Level 5 (4,220 points)
    Currently Being Moderated
    Feb 15, 2012 10:07 AM (in response to Kurt Lang)

    Well, you might experiment and see. I'd prolly leave TCP running as well as ICMP. But if you can block those ports and still do what you need to do, go for it!

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.