Solved

SBS 2011 Firewall Off after migration

Posted on 2013-01-27
5
478 Views
Last Modified: 2013-01-31
I have just carried out a migration from SBS 2003 with ISA server to SBS 2011 standard.
Unfortunately the server firewall and all client firewalls are switched off on the domain somewhere in group policy but I cannot find out where. I want them switched back on preferrably with the abilty to switch them off temporairly if needs must to test issues.
I have also had a problem with the ISA proxy settings keeping switching on even though they were set to not configured. To get round that I had to set the proxy as configured but with no port or IP address in the Internet Explorer settings in Group Policy.
The firewall is givving me more of a headache though.
0
Comment
Question by:gogsck
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 38825768
Have you removed the ISA firewall client from all work stations post-migration?

To set the proxy through group policy can be undertaken using this guide.
http://kb.k12usa.com/Knowledgebase/Windows-2008-Group-Policies-for-Internet-Explorer

To set the windows firewall as on is from this one.
edit the domain policy - assuming you want this across the full domain.
computer config, policies, windows settings, security settings, Windows firewall with advanced security.

Expand this section then right-click the top node (usually includes ldap://guid address ion the title) and select properties. You can edit it all from here.

This is for server 2012 but 2011 is not that different I believe in regards to gpo.
0
 

Author Comment

by:gogsck
ID: 38825845
I have already looked at that for the Proxy. The proxy was set as not configured but was still adding a proxy on IE. To get round that I had to set it to enable the Porxy and leave the IP address and port fields empty. The ISA client has never been installed on the client PCs.
I have a bigger problem with the Client and server firewalls. They are Off for the Domain and I want them on
0
 

Author Comment

by:gogsck
ID: 38825901
Just had another look at the Firewall settings. And that was set to OFF for domain so I have set it to not configured. It has sorted the server but I will have to check the clients later when I get on site. Don't know how how I missed that one..
Thanks for your help
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 38827751
Welcome :)

However, not configured may not fix it.... Not configured means (usually) that no policy is set and therefore use what has been set locally but we'll see.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 38842627
Thanks
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
The problem of the system drive in SBS 2003 getting full continues to be an issue, even though SBS 2008 and SBS 2011 are both in the market place.  There are several solutions to this, including adding additional drive space or using third party uti…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question