• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2139
  • Last Modified:

SBS 2011 Firewall GPO

Hello Experts,

I need to open a few ports in Windows Firewall for several users/computers in our domain. It's a Windows SBS 2011 box. Does anyone have an easy to follow guide on how to do this using group policy? Or another suggestion?
0
Anteksxm
Asked:
Anteksxm
  • 2
1 Solution
 
Seatown1984Commented:
Windows Firewall is in computer policies. Group all your user computers in an ou, create a gpo in ou, and open Group Policy MMC. Go to Computer Config -> Polices -> Windows Settings -> Security Settings -> Windows Firewall with Advanced Security -> Inbound Rules. Right click and select new rule and follow the wizard. Pretty straight forward. The wizard even has a few Predefined Rules for common services like Remote Desktop or Remote Services.
0
 
Rob WilliamsCommented:
Pete Long has a nice article on the specific policies and their locations, complete with screen shots. He references port 3389 but you can substitute the ports you require.
http://www.petenetlive.com/KB/Article/0000193.htm
0
 
Larry Struckmeyer MVPCommented:
Good advice all.  Please don't alter the policies that are pre installed.  If the new policy is to open port 18026 incoming for a specific peice of software, say "Snakebite", then create a  new policy, link it at the domain level (if you want all users to have that policy) and name it: "Snakebite, Incoming Port 18026"
0
 
Rob WilliamsCommented:
Interesting point fl_flyfishing, however are the policies additive or might the existing firewall policy override the exception?  I am not sure. Normally I always suggest a new policy with a name that makes sense.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now