The past week I’'ve been working with the latest Wildfire and Spark builds and have deployed them in a domain. Everything worked at first and it is very impressive. I initially ran Wildfire from clicking the program listing in Windows but wanted it to be ran as a service. However if Wildfire is running as a service no Spark clients can connect to it other than a Spark client located on that same machine. If I stop the service and fire up Wildfire from the programs list all works well again.
I’‘ve tried changing the security context that the Wildfire service runs under from Local System to a domain admin account (mine) to see if that would make any difference. It didn’'t.
Wildfire is installed on WinXP Pro (guest operating system) as a virtual machine from Windows Virtual Server 2005 R2. The host operating system and domain controller is SBS 2003 Premium (there is ISA 2004 running in this network). Additionally I installed IIS on the XP machine thinking that would be necessary for the admin site to work (though I now understand that wasn’'t necessary) and it is still there though disabled.
Any thoughts?
BTW the logs on Wildfire don’‘t show anything relevant that I could see; however the log file from the Spark client machines seems to have more information which I’'ll copy below:
Here’'s the output. It looks like everying but 7777 is in there but none of the remote Spark clients are going to reach a 0.0.0.0 address; those 0.0.0.0 listings seem odd. Yes, the admin console is resolving to http:/ /wildfireservername:9090.
netstat -an
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5222 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5223 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5269 0.0.0.0:0 LISTENING
TCP 0.0.0.0:9090 0.0.0.0:0 LISTENING
TCP 0.0.0.0:9091 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1079 0.0.0.0:0 LISTENING
TCP 192.168.0.113:139 0.0.0.0:0 LISTENING
TCP 192.168.0.113:1136 192.168.0.10:445 ESTABLISHED
TCP 192.168.0.113:1156 192.168.0.10:8080 ESTABLISHED
TCP 192.168.0.113:1161 192.168.0.113:5222 ESTABLISHED
TCP 192.168.0.113:3389 192.168.0.10:2355 ESTABLISHED
TCP 192.168.0.113:5222 192.168.0.113:1161 ESTABLISHED
The XP firewall is on; however, there is an exception for Wildfire Server and Spark listed and checked in the exceptions.
…and why would the firwall only be having an adverse effect when running Wildfire as a service vs. the click-to-run program? …unless the Wildfire Server listing isn’‘t for the correct executable and the service executable needs added …hmm I’'ll test this too
though it doesn’‘t make sense to me at this time I’‘ll go ahead and create a GPO that disables the XP firewall and move that computer into an OU that I’‘ll apply this special GPO. I’'ll test and post back.