StarWind Software

Hello,

I'm evaluating StarWind Target x64 in Windows Server 2008 x64.
Upon installation, I found that Initiator cannot connect to target when Windows Firewall is enabled. I tried to enable iSCSI Service exception in the Windows Firewall, but it doesn't help. Finally I figured out that I need to create Inbound Rule to open port 3260. However:

1. I'm quite surprised that neither setup program, not online help say a word about firewall configuration.
2. I would like to see detailed instructions how to configure firewall. For example, I figured out that I need an Inbound rule for open port 3260 only, but I have no idea how to properly configure additional parameters for Server 2008 (e.g. Programs and Services Tab of Firewall rule).
3. Also in my understanding after reading of this forum, some additional Firewall configuration may be required in specific situations. For example, I would imagine, that if I choose "Enable automatic target iSNS registration", I would need to create corresponding rule on iSNS server computer. Also I understood that sometimes (when?) port 3261 have to be open.

Shortly it would be great if you could make a document adressing all firewall issues and configuration steps.

1) StarWind is network application. It's quite strightforward it has to use some port to accept incoming connections

2) There are ~30 commercial firewalls. Having ALL of them covered is undoable

3) 3261 (or actually iSCSI base + 1) port must be open ALWAYS if you want to configure your target from the remote machine.

Metek wrote:Hello,

I'm evaluating StarWind Target x64 in Windows Server 2008 x64.
Upon installation, I found that Initiator cannot connect to target when Windows Firewall is enabled. I tried to enable iSCSI Service exception in the Windows Firewall, but it doesn't help. Finally I figured out that I need to create Inbound Rule to open port 3260. However:

1. I'm quite surprised that neither setup program, not online help say a word about firewall configuration.
2. I would like to see detailed instructions how to configure firewall. For example, I figured out that I need an Inbound rule for open port 3260 only, but I have no idea how to properly configure additional parameters for Server 2008 (e.g. Programs and Services Tab of Firewall rule).
3. Also in my understanding after reading of this forum, some additional Firewall configuration may be required in specific situations. For example, I would imagine, that if I choose "Enable automatic target iSNS registration", I would need to create corresponding rule on iSNS server computer. Also I understood that sometimes (when?) port 3261 have to be open.

Shortly it would be great if you could make a document adressing all firewall issues and configuration steps.

Anton,

I did not mean to offend you. I simply gave you suggestion how to improve product usability. Specifically in trial version.

Please remember that you are internal. You spend your live with StarWind product. I'm a customer. At start of the evaluation I know strictly nothing about your product and, honestly, I just need quickly configure your product and check if it helps with my problem. I'm not specifically interested how your stuff works and do not want spend time to learn.

>> StarWind is network application. It's quite strightforward
>> it has to use some port to accept incoming connections

Sure. Less evident is that your product do not need outgoing filter. It's also written nowhere in documentation which ports and in which situation need to be open. Finally big surprise for me (sorry, I'm not so bright as you) was that enabling standard iSCSI rule in Server 2008 had no effect (because Server 2008 rule is bind to specific application).

>> 2) There are ~30 commercial firewalls. Having ALL
>> of them covered is undoable

Sure. a) However your product installs on top of Windows. You may ignore third-party products, but not the Firewall which is integral part of Windows itself. b) I see no problem to write into documentation at least which port need to be open in each situation.

>> 3) 3261 (or actually iSCSI base + 1) port must be open ALWAYS if you want to configure your target from the remote machine.

I figured it out reading the forum. However I would suggest that this sentence is written in the documentation.

OK

= thread closed =