We help IT Professionals succeed at work.

Windows Vista Firewall -  Computer and User authorization

Medium Priority
392 Views
Last Modified: 2012-05-07
Hi experts,
i'm trying to create windows vista firewall inbound rules based on predefined firewall groups like remote desktop and eventlog management...
There's is an option the to only allow secure connections where i can configure user and computer accounts which are then allowed to connect to the computer throught the firewall exceptions.

But it is not working.Any ideas?
Do i to have configure ipsec policies as well (ipsec filter - source address, destination address, protocol, port...)?
I don't hope that because it seems to be, that those have to be configured based on ports and not all firewall exception groups i'm trying to use have static ports....
Comment
Watch Question

CERTIFIED EXPERT

Commented:
Hi,
Make sure you have configured your router's nat properly.
You should consider using a third party security software instead of the one included in windows. They work much better.
All firewall rules, on the windows firewall or on any other one are configured on a port basis. Now the third party tools like Kaspersky, Eset, etc, allow the exe of your program to pass through the firewall rules regardless the ports it uses.

Author

Commented:
I do not have the choice two choose another firewall.
CERTIFIED EXPERT

Commented:
Well sorry but windows firewall is limited compared to third parties ones ! (which sounds normal though) you can only open or close ports on windows firewall.
why don't you get zonealarm personal edition? It is free

Author

Commented:
I'm not talking about my home computer!! I'm talking about 1000 clients!! Windows Firewall settings via group policy in an active directory environment!
CERTIFIED EXPERT

Commented:
Hi,
Well you still can use gpo to distribute any soft to your clients.
In that kind of environment, you use local firewall only on nomades ! You should normally have a phisical firewall on your network
I'm still sorry but you cannot use windows firewall to allow a specific application on different ports. Well you can do it but then you have to configure all ports used by the app. Can you shorten the port range used by the app?

Author

Commented:
In Windows Firewall there are prefenied firewall group "Remote Management", "Eventlog", "FileSystem", Remote-WMI"...
The only problem is, that i want to enable them only for a specific user and computer. This is possible in those predefnied rules...but not working!?!
CERTIFIED EXPERT

Commented:
Hi,
You can create a specific configuration for a user then export and import it to all the users that should have it, just saw that on windows 7, should be available on vista
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.