Solved

Firewall GPO settings

Posted on 2011-03-16
5
364 Views
Last Modified: 2012-06-27
On an SBS 2008 SP2 domain I have a Firewall GPO to turn off the firewall on the workstations NICs. It doesn't seem to be getting applied and I can't figure out why. I ran a RSOP for specific computer and user combination and under Windows Firewall with Advanced Security for the Domain, Public and Private Profiles the Firewall State was "Disabled". I logged into the computer as the user and the firewall is turned on.

Is there somewhere else in GP to set the firewall state for the NIC?
0
Comment
Question by:westone
  • 2
  • 2
5 Comments
 
LVL 6

Assisted Solution

by:nettek0300
nettek0300 earned 250 total points
ID: 35148440
Try logging in as admin and running gpupdate /force at a command line.  The computer may not be pulling the GP from the server.
0
 
LVL 4

Accepted Solution

by:
bigstyler earned 250 total points
ID: 35148455
Hi

The GPO is applied to an OU that is containing "computers" ('and not users), right ?

Which OS versions are on the scope of the GP ? (verify that the GP is compatible with them).

Have you done that ? :

1.Expand the Computer Configuration folder, then the Administrative Templates folder.
2.Expand the Network folder, then the Network Connections folder, then the Windows Firewall folder.
3.Select the Standard Profile folder.
4.Double-click the Windows Firewall: Protect all network connections option.
5.Select Disabled, then click OK.
6.Select the Domain Profile folder.
7 Double-click the Windows Firewall: Protect all network connections option.
8 Select Disabled, then click OK.
9 Close the Group Policy dialog box.


You could disable the windows firewall service if it is still not working.
0
 

Author Comment

by:westone
ID: 35148764
"The GPO is applied to an OU that is containing "computers" ('and not users), right ? "

Under Security Filtering on the GPO is "Domain Computers", which contains the computers on our domain. Is that what you're asking?

Which OS versions are on the scope of the GP?  XP SP3
Yes, the settings you asked about are Disabled.
0
 
LVL 4

Expert Comment

by:bigstyler
ID: 35149070
OK, and have you configured this same policy on the "Domain Profile" too ?

Could you tell us exactly which parameters you have already configured please ?
0
 

Author Comment

by:westone
ID: 35221995
I still haven't figured this out. I am moving this week and will have to wait to address it after getting settled. Too much going on right now. Thanks for the help though.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question