Disable Windows Firewall Using Netsh or GP

Posted on 2004-09-19
Medium Priority
Last Modified: 2008-01-09
Hello Experts,
My problem is that the windows Firewall included in XP SP2 blocks most programs i use in my LAN where i don't have a real security danger, how can i disable it using netsh utility or Group policy in 2000 server Domain.
I louked at the MS white paper about SP2 Window Firewall and i didn't found any helpfull information.

Please Help
Question by:alaweb

Expert Comment

ID: 12095722
I think thats what you are trying to do.

*  From the Windows XP desktop, click Start, click Run, type mmc, and then click OK.
*  On the File menu, click Add/Remove Snap-in.
*  On the Standalone tab, click Add.
*  In the Available Standalone Snap-ins list, click Group Policy Object Editor, and then click Add.
*  In the Select Group Policy Object dialog box, click Browse.
*  In the Browse for a Group Policy Object, click the Group Policy object that you want to update with the new Windows Firewall settings.
*  Click OK.
*  Click Finish to complete the Group Policy Wizard.
*  In the Add Standalone Snap-in dialog box, click Close.
*  In the Add/Remove Snap-in dialog box, click OK.

*  In the console tree, open Computer Configuration, Administrative Templates, Network, Network Connections, and then Windows Firewall.

Detail information

Author Comment

ID: 12095904
I tried This, It work on the PCs but i don't want to go to every 80 PC and do this, if this was the case i take the easiet way : Control Pannel > Windows Firewall > Disable
I want a solution like yours but using Windows 2000 Server Group Policy or using a bat file (Netsh) that i can execute on each PC remotly,
LVL 86

Expert Comment

ID: 12096069
You could use sth. like

netsh firewall set adapter Local Area Connection filtering=disable


netsh firewall set adapter Local Area Connection port 80=enable protocol=tcp

See e.g.

http://www.microsoft.com/technet/itsolutions/network/security/ipv6fw/hcfgv601.mspx ("To configure IPv6 Internet Connection Firewall")
http://support.microsoft.com/default.aspx?scid=kb;en-us;839980 ("How to use a script to programmatically open ports for SQL Server to use on systems that are running Windows XP Service Pack 2")

They both address different issues, but serve well as examples.

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.


Accepted Solution

Worked4me earned 1500 total points
ID: 12096469

The netsh command is netsh firewall set opmode disable to disable it on that machine.

Good Luck.

Author Comment

ID: 12099926
It works, I will now Try to deploy it around The entire network.
Thanks Expert :)

Expert Comment

ID: 12100380

  Glad I could help.

Author Comment

ID: 12116345
For deployment accross the network i had a problem: to disable Windows firewall the user had to be an administrator i used the runas command which also had a small problem :it prompt for the password, i finally used runas+sanur a utility that complete runas :
the result was like that :
%windir%\system32\runas.exe /user:DOMAIN\AN_ADMIN_USER "the bat file" | \\SERVER\NETLOGON\sanur PASSWORD



Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

There are 2 things you must have in order to connect to the internet behind a router, The "Gateway IP" of the router, which is usually something like 192.168.xxx.1, I've seen routers with default values of:,,, …
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
The video provides a quick and easy steps to migrate MBOX file to well known Outlook PST and Office 365. Besides this, it also supports and migrates more than 20 email clients of MBOX which include AppleMail, Opera, Thunderbird and SeaMonkey effortl…

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question