[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


SP2 Firewall

Posted on 2004-10-21
Medium Priority
Last Modified: 2013-12-04
We will be rolling out SP2 Enterprise Wide at some point over the next several months.  Once all our systems are running SP2 how can I turn off the Firewall, which is on by default?  Is there some registry hack I can push out?  Thx in advance.
Question by:psych0naut
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 12373186
That was answered recently by this article, using GPOs :


Expert Comment

ID: 12373421
Using the above information, I would recommend not turning it off, but instead, using GPO's to only enable the ports that need to be open. By completely turning off the firewall, you are shutting down a big piece of the network security features.

Expert Comment

ID: 12373470
A very good thought.
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 27

Accepted Solution

Asta Cu earned 200 total points
ID: 12374732
FREE Microsoft XP SP2 support
Windows XP Service Pack 2 (SP2) for IT Professionals
":0)  Asta

P.S.  If you want walkthroughs... let us know.
LVL 27

Expert Comment

by:Asta Cu
ID: 12374748
How to install Windows XP Service Pack 2 (SP2) by using Systems Management Server
Back to work, good luck on your adventure.
":0) Asta

Expert Comment

ID: 12376053
If you find you can't use GPO without a Windows 2003 server, you can still set firewall options via a login script...

Put a line in the login script like:

netsh -f \\servername\netlogon\xpfw.nsh

Then put the xpfw.nsh file in the sysvol's scripts directory with entries like:

firewall set portopening protocol = ALL port = 497 name = "Retrospect Backup" mode = ENABLE scope = SUBNET profile = DOMAIN
firewall set portopening protocol = TCP port = 139 name = "File and Printer Sharing" mode = ENABLE scope = SUBNET profile = DOMAIN
firewall set portopening protocol = TCP port = 445 name = "File and Printer Sharing" mode = ENABLE scope = SUBNET profile = DOMAIN
firewall set portopening protocol = UDP port = 137 name = "File and Printer Sharing" mode = ENABLE scope = SUBNET profile = DOMAIN
firewall set portopening protocol = UDP port = 138 name = "File and Printer Sharing" mode = ENABLE scope = SUBNET profile = DOMAIN

Read all about the netsh command in sites like:

or google for your own!
LVL 27

Expert Comment

by:Asta Cu
ID: 12437746
Thank you.  Did you get the solution you needed or would you like to discuss further?  It definitely would add value to this question thread for others if you can provide some information on the solution now that it has moved to our PAQ (Previously Asked Questions database).

I've used the Free XP SP2 support Tech Chat interface a few times and have a current issue working; they've been GREAT.  I feel this benefits us all in the long run, since some of the issues resulted in new additions to the Microsoft Knowledge Base for other to find and hopefully will be fixed incorporated in the next Service Pack or Windows release.  In all, a win/win scenario.


Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question