Jump to content



Photo

IPAM Access Blocked in Server 2012 ?

ipam

  • Please log in to reply
4 replies to this topic

#1 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows 8.1 Emterprise & Server 2012R2/08R2 Datacenter
  • Phone: Nokia Lumia 1520 Black

Posted 04 March 2013 - 21:59

Has anyone else experienced this ? I added the IPAM feature to a new server provisioned it using the group policy option (it for some reason did not create the gpos even though I was logged in as domain\administrator so I ran the Invoke-IpamGpoProvisioning cmd and did a gpupdate /force on the dc and DHCP servers and even after a reboot and then refresh in the console the status is still coming up as access blocked. The firewall rules are being created on the destination servers.

The only thing I could think of was the TMG server was blocking IPAM traffic but nothing is showing up as blocked in the logs.

The DNS servers show up as eventlog access status blocked (dns)

even though I can browse the dns eventlog remotely using the mmc snapin ?


#2 cluberti

cluberti

    Neowinian

  • Joined: 01-January 10

Posted 04 March 2013 - 22:03

When you configure it in an environment without the TMG firewall, does it work? I've seen TMG cause issues like this before (numerous reasons) and logging everything based on IP address usually gives up the reasoning if it is TMG. If the rules are created in the firewall profile in use on each server, then it's usually not server-side.

I have seen Cisco network access protection on networks cause issues here too, but those showed up in the Cisco logs and were obvious.

#3 OP TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows 8.1 Emterprise & Server 2012R2/08R2 Datacenter
  • Phone: Nokia Lumia 1520 Black

Posted 04 March 2013 - 22:23

I created a firewall rule to bypass all traffic and filtering with no luck Its my first time trying to deploy this and all the videos made it look easy not sure where im going wrong the jobs are definitely running when I start them on the ipam console but I cant get rid of the blocked status.

#4 OP TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows 8.1 Emterprise & Server 2012R2/08R2 Datacenter
  • Phone: Nokia Lumia 1520 Black

Posted 05 March 2013 - 01:02

Ok I found the solution, Nothing to do with firewall settings

http://edwardvbs.wor...us-blocked-dns/

Just added the IPAM server to domain\builtin\Administrators in active directory users and computers.

Same thing I needed to do to get SQL always on working.

For DHCP I had to make a share http://technet.micro...8311.aspx#audit and add ipamug to dhcp users and admins local group on the dhcp server

#5 cluberti

cluberti

    Neowinian

  • Joined: 01-January 10

Posted 05 March 2013 - 04:05

Interesting - I don't remember ever having to do that, but if it works, go with it :).