Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Windows Vista Firewall -  Computer and User authorization

Posted on 2009-06-29
8
Medium Priority
?
380 Views
Last Modified: 2012-05-07
Hi experts,
i'm trying to create windows vista firewall inbound rules based on predefined firewall groups like remote desktop and eventlog management...
There's is an option the to only allow secure connections where i can configure user and computer accounts which are then allowed to connect to the computer throught the firewall exceptions.

But it is not working.Any ideas?
Do i to have configure ipsec policies as well (ipsec filter - source address, destination address, protocol, port...)?
I don't hope that because it seems to be, that those have to be configured based on ports and not all firewall exception groups i'm trying to use have static ports....
0
Comment
Question by:merowinger
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 12

Expert Comment

by:dlan75
ID: 24737171
Hi,
Make sure you have configured your router's nat properly.
You should consider using a third party security software instead of the one included in windows. They work much better.
All firewall rules, on the windows firewall or on any other one are configured on a port basis. Now the third party tools like Kaspersky, Eset, etc, allow the exe of your program to pass through the firewall rules regardless the ports it uses.
0
 
LVL 31

Author Comment

by:merowinger
ID: 24737519
I do not have the choice two choose another firewall.
0
 
LVL 12

Expert Comment

by:dlan75
ID: 24738612
Well sorry but windows firewall is limited compared to third parties ones ! (which sounds normal though) you can only open or close ports on windows firewall.
why don't you get zonealarm personal edition? It is free
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 31

Author Comment

by:merowinger
ID: 24740387
I'm not talking about my home computer!! I'm talking about 1000 clients!! Windows Firewall settings via group policy in an active directory environment!
0
 
LVL 12

Expert Comment

by:dlan75
ID: 24743013
Hi,
Well you still can use gpo to distribute any soft to your clients.
In that kind of environment, you use local firewall only on nomades ! You should normally have a phisical firewall on your network
I'm still sorry but you cannot use windows firewall to allow a specific application on different ports. Well you can do it but then you have to configure all ports used by the app. Can you shorten the port range used by the app?
0
 
LVL 31

Author Comment

by:merowinger
ID: 24743183
In Windows Firewall there are prefenied firewall group "Remote Management", "Eventlog", "FileSystem", Remote-WMI"...
The only problem is, that i want to enable them only for a specific user and computer. This is possible in those predefnied rules...but not working!?!
0
 
LVL 12

Expert Comment

by:dlan75
ID: 24743579
Hi,
You can create a specific configuration for a user then export and import it to all the users that should have it, just saw that on windows 7, should be available on vista
0
 
LVL 31

Accepted Solution

by:
merowinger earned 0 total points
ID: 24743651
It's also possible in Windows Vista yes...but i assume that i need some IPSec Policies as well for the specific ports....
The problem is that some firewall groups like remote management use dynamic ports, so that i don't know which ports to define in the ipsec policy
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question