Restore Windows advanced firewall settings server 2008

Posted on 2012-09-15
Last Modified: 2012-09-24
I have a server that had problems getting the firewall started. I fixed that and manually recreated critical rules such as DNS, DHCP and SQL. I still cannot turn on file and print sharing and network discovery in Advanced Sharing Settings.

I saw all the suggestions about turning on services but that did not help.

I compared rules from another server and there are a lot of rules missing in Advanced firewall settings relating to network discovery and file sharing. I'd prefer not to manually try to recreate all those rules.

I am remoted into the server so I really don't want to attempt "restore defaults" in Windows Firewall. If I were on site, I would try that.

The firewall settings are in the registry but I don't want to export from one server to another. I'm afraid that may break something.

Is there anyway to SAFELY restore these settings.
Question by:ajdratch
    LVL 20

    Expert Comment

    by:Radhakrishnan Rajayyan

    You can try restore the firewall default state. Have a look at this article which details the steps

    Also, you can try repair but unfortunately it's not a good option to do so, mistake can go to reinstall OS level.

    Run the following commands one after another at Command Prompt.

    rundll32 setupapi,InstallHinfSection Ndi-Steelhead 132 %windir%\inf\netrass.inf

    netsh firewall reset

    Next, exit the Command Prompt window and open the Control Panel. Here, double-click on the Windows Firewall option. Click Yes when a message is prompted asking you if you want to start the Windows Firewall service. When you select Yes, the service is started and the Windows Firewall dialog is displayed that you can use to configure your firewall.
    If this does not enable you to restore the firewall, I think you may need to reinstall Windows.

    Again, this will be at your own risk.
    LVL 77

    Expert Comment

    by:David Johnson, CD, MVP
    with the server being remote that really limits your options. you've pretty much said no to every option that I can think of.. guess you're left with recreating each rule individually

    Author Comment

    As mentioned I didn't want to restore default settings because I was afraid i would lose remote connection.

    I did find out that you can export firewall policy by right clicking on Windows Firewall with advanced security on local computer. I exported from a server that had similar settings and imported into this server. That worked great and I can now share the printers.

    Author Comment

    I've requested that this question be closed as follows:

    Accepted answer: 0 points for ajdratch's comment #a38413524

    for the following reason:

    Exported settings from another server and that fixed the firewall settings
    LVL 77

    Accepted Solution

    You state: "The firewall settings are in the registry but I don't want to export from one server to another. I'm afraid that may break something. Is there anyway to SAFELY restore these settings."

    My answer was that you have to re-create these settings manually being the safest route.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    I was asked if I could set up a fax machine so that incoming faxes were delivered to people's Exchange inboxes and so that they could send faxes from their desktops without needing to print the document first.  I knew it was possible but I had no id…
    I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
    This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now