SupermanTB
asked on
Windows 7 laptop, not joined to domain, but group policy is controlling firewall
I've got a Windows 7 laptop that is not joined to a domain that is having issues w/ the firewall. I've having an issue w/ connecting to a VPN and I wanted to look at the firewall settings. When I go to do so, there is a message that says:
For your security, some of the settings are controlled by Group Policy
This laptop has never been connected to a domain, so I'm not sure how Group Policy could be controlling the firewall. Any ideas?
For your security, some of the settings are controlled by Group Policy
This laptop has never been connected to a domain, so I'm not sure how Group Policy could be controlling the firewall. Any ideas?
Yes, your local policy has been locked down at some point. Possibly your security software (Norton, McAffee etc).
As snafumaster mentioned, gpedit.msc from the RUN option will allow you to check this.
As snafumaster mentioned, gpedit.msc from the RUN option will allow you to check this.
here is what a Microsoft tech had to say about this issue, taken from :
http://social.answers.microsoft.com/Forums/en-US/w7security/thread/509a95e6-73cc-4faa-b746-1ab0ea5ccc98
Do you get any error message when you try to turn on the Windows Firewall?
Check if the service for Windows Firewall Service is started or not.
1. Click on Start
2. In the start Search box type Services
3. Right Click on - RUN AS ADMIN
Check if the below mentioned services has the mentioned status and start up type.
Windows Firewall Started Automatic\Manual.
Base Filtering Engine Started Automatic\Manual.
Windows Firewall Authorization Driver Started Automatic\Manual.
Also check the dependency services that are required for Windows Firewall Service to run.
To check that double click on the service and click on the dependency tab.
Also check if any third party firewall is enabled. If so disable the same and then try turing on the Windows Firewall.
Also check the response given by ‘Shekhar’ in the post given below dated November 03, 2009.
http://social.answers.microsoft.com/Forums/en-US/w7security/thread/e5ee6823-98f8-4575-a254-00a038b17e34
http://social.answers.microsoft.com/Forums/en-US/w7security/thread/509a95e6-73cc-4faa-b746-1ab0ea5ccc98
Do you get any error message when you try to turn on the Windows Firewall?
Check if the service for Windows Firewall Service is started or not.
1. Click on Start
2. In the start Search box type Services
3. Right Click on - RUN AS ADMIN
Check if the below mentioned services has the mentioned status and start up type.
Windows Firewall Started Automatic\Manual.
Base Filtering Engine Started Automatic\Manual.
Windows Firewall Authorization Driver Started Automatic\Manual.
Also check the dependency services that are required for Windows Firewall Service to run.
To check that double click on the service and click on the dependency tab.
Also check if any third party firewall is enabled. If so disable the same and then try turing on the Windows Firewall.
Also check the response given by ‘Shekhar’ in the post given below dated November 03, 2009.
http://social.answers.microsoft.com/Forums/en-US/w7security/thread/e5ee6823-98f8-4575-a254-00a038b17e34
Hi SupermanTB,
Rather than making you dig through the Local Security Policy, I thought I might attach a few screen shots to help you out. If Control Panel > System and Security > Windows Firewall shows the "For your security, some settings are managed by your system administrator" notification (see attached), then you do have one or more policy options getting in the way of configuring the Firewall manually.
Follow the instructions noted in the attached screenshots to disable/clear policy settings. Note that after these are applied, you will need to restart your system for them to take effect.
Hope this helps!
-Mark
gpo1.png
gpo2.png
gpo3.png
Rather than making you dig through the Local Security Policy, I thought I might attach a few screen shots to help you out. If Control Panel > System and Security > Windows Firewall shows the "For your security, some settings are managed by your system administrator" notification (see attached), then you do have one or more policy options getting in the way of configuring the Firewall manually.
Follow the instructions noted in the attached screenshots to disable/clear policy settings. Note that after these are applied, you will need to restart your system for them to take effect.
Hope this helps!
-Mark
gpo1.png
gpo2.png
gpo3.png
ASKER
I'm using Windows 7 Home Premium 64-bit and it says it can't find gpedit.msc
Yep, the Home versions don't include the local security policy editor or gpedit.msc snap-in. How about Control Panel > System and Security > Windows Firewall > Restore defaults (in the left-hand pane)?
-Mark
-Mark
ASKER
already tried the restore defaults and it didn't work
Normally, I'd just recommend using secedit from the command line to reset the local security policy, but we're limited with Home Premium. How about trying the "Microsoft Fix it" button in KB313222 (http://support.microsoft.com/kb/313222)?
-Mark
-Mark
ASKER
FYI, that link is only for Fix It for WinXP. When I found my way to the Windows 7 version the only issue it found had something to do w/ my video driver.
I noticed the version applicability as well, but also found the same KB article validated by a number of MS MVPs for Windows 7 Home Premium. I'll research/test locally and see how that goes.
In the meantime, how about checking the following registry key (Start > regedt32 in the Start Search box ... be careful!):
In the meantime, how about checking the following registry key (Start > regedt32 in the Start Search box ... be careful!):
HKEY_LOCAL_MACHINE\SOFTWAR
Are there any keys other than (Default) defined under the PrivateProfile or PublicProfile folders? Any WindowsFirewall folder at all?
Check that under Services the Firewall is set to Auto and click start.
Sorry, its already been posted!
ASKER
Under that registry folder, I had DomainProfile and StandardProfile and both of those have a registry key for EnableFirewall that is set to zero in addition to the Default key.
What Antivirus software are you using?
ASKER
AVG
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Be sure you're using an admin account.
You can try these to reset your firewall. Use the vista options. GPO is not available in home vrs
but the error is due to security settings. Unfortunately after trying enough changes it may be best to just do a repair install to get it back to defaults.
http://support.microsoft.com/kb/973226
http://support.microsoft.com/kb/313222
You can try these to reset your firewall. Use the vista options. GPO is not available in home vrs
but the error is due to security settings. Unfortunately after trying enough changes it may be best to just do a repair install to get it back to defaults.
http://support.microsoft.com/kb/973226
http://support.microsoft.com/kb/313222
ASKER
Deleting that registry key and restarting the computer fixed my problem. Thanks for all your help.
ASKER
Hey Mark, thanks for your help on this question. After adjusting the firewall settings I'm still having the original VPN problem that led me to the firewall issue I had in this question. Should want to take a shot at it, here's the question link to the VPN issue I'm having.
https://www.experts-exchange.com/questions/26009307/VPN-Error-800-Windows-7-laptop-with-Windows-Server-2003.html
https://www.experts-exchange.com/questions/26009307/VPN-Error-800-Windows-7-laptop-with-Windows-Server-2003.html
Thank you so much mark1208. Your provided solution worked and saved me. I have been searching for a while now, and your solution and find was just what I needed. Thank you again!
- Start
- In the search, type; GPEDIT.msc
That's the place to start.