Link to home
Start Free TrialLog in
Avatar of microfish
microfish

asked on

Script to check remote computer if windows firewall is running

I need a short cscript that checks if a remote computer has the windows firewall running and turned on.

Thanks!!
Avatar of ltlbearand3
ltlbearand3
Flag of United States of America image
Here is a real simple vb script to tell you the status.  Depending on what else you want to see check out all the firewall objects available through the api -

http://msdn2.microsoft.com/en-us/library/aa364720(VS.85).aspx

-Bear
Set firewall = CreateObject("HNetCfg.FwMgr")
Set firewallPolicy = firewall.LocalPolicy.CurrentProfile
Status = firewallPolicy.FirewallEnabled
If Status = 0 then
	wscript.echo "OFF"
else
	wscript.echo "ON"
end if bled

Open in new window

Avatar of William Elliott
William Elliott
Flag of United States of America image
possibly this can be worked using psexec, but from here
http://www.microsoft.com/technet/scriptcenter/resources/qanda/sept05/hey0916.mspx

"""..the Windows Firewall cannot be managed remotely; that means that this script must run locally on the computer where you need to disable the Firewall. If you need to disable the Firewall on only a few computers you could probably just go around from machine-to-machine and run the script; alternatively, you might want to run this as a computer startup script. Definitely not the most convenient way to do things, but you dont have a lot of choice: there arent even any command-line or GUI tools that can be used to manage the Firewall remotely. Outside of a logon or computer startup script, your only other option for remote management is to use Group Policy."""



if you'd like i can setup a logon script for this
Set objFirewall = CreateObject("HNetCfg.FwMgr")
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile
 
if objPolicy.FirewallEnabled = FALSE then 
wscript.echo "my firewall is disabled"

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of William Elliott
William Elliott
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of microfish
microfish

ASKER

Thanks for the quick response.  I'm looking for a script on run on a nbr of windows 2003 servers that verifies that the local firewall is turned on.  There is an exception rule already created on all servers to allow a certain server to monitor -- this is the server the I plan to run this script from.

There is no other method to remotely create that object and verify the firewall is on ?
Avatar of microfish
microfish

ASKER

Worked great.  I had to change the reg key to  "SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\" for win 2003 server.  thx!!

 
Avatar of microfish
microfish

ASKER

thx