We help IT Professionals succeed at work.

Windows Server 2008 Advanced Firewall Issue

Last Modified: 2012-05-08
I'm having an issue where the firewall is doing what it wants. regardless of how I set it up. Here's my situation.

I have Server 2008 Standard , No Active Directory no Domain, just a workgroup (AD or Domain model is not even considerable in this situation, my hands are tied)
It has 2 NICS

NIC1 Has two static IP Addresses and both subnet.
NIC1 is labeled "Unidentified Network" and is using the "Private" profile
NIC1 is attached to a private switch containing a few medical devices, a IP Web cam, and 2 small computers, and no external connections.

NIC2 is plugged into the "Site" network, and is simply using DHCP
NIC2 is Labeled by the parent network's domain name using the "Piublic" profile
NIC2 is plugged into a completely seperate network, they can not see one another.

 I have created a rule to block outbound remote port 80, and enabled that rulle for Domain, and Public profiles.

 I have created an allow remote port 80 rule , and enabled that one on the "private" network.

Regardless of all settings the block 80 outbound rule takes presidence over the allow, despite them being enabled on different profiles. I can't access port 80 on any network despite applying the rules to specific profiles and configuring the NICs to use the same. My goal is that the operator of the server has to be able to access port 80 on the 10.x.x.x network but not on the public side. It appears to me that Server 2008 completely ignores the profiles of each network, am I missing something ?

 Please keep in mind when answering. I didn't choose a server class OS to act as a workstation, I can not create or enable a domain or AD. I'm just some poor enginner stuck with someone else's bad design.
Watch Question

Top Expert 2012
This one is on us!
(Get your first solution completely free - no credit card required)


Microsoft Sucks. To quote Microsoft
"In Windows Vista and Windows Server 2008, only one profile is applied at any one time."

How incredibly short cited of Microsoft and company. VERY typical
Top Expert 2012

Very typical.


I have to say, Active Directory is great in the enterprise. That having been said, when you just need an old-school simple domain, Microsoft is not at all the way to go. There are (rare) few cases where I'd actually prefer to still have an NT 4.0 Server. Or even better a NIS centric domain.

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.