Solved

"Defer to user" error with "netsh advfirewall" command on Win2008R2

Posted on 2013-05-17
2
1,143 Views
Last Modified: 2013-05-17
I've used the following command without issue on several Win2008R2 servers in the past, but I'm running into the following error on one particular device.

Command:
netsh advfirewall firewall set rule name=all dir=in remoteip=any new remoteip=localsubnet

Error:
'Defer to user' setting can only be used in a firewall rule where program path and TCP/UDP protocol are specified with no additional scopes

Any ideas?
0
Comment
Question by:fcoa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 

Accepted Solution

by:
fcoa earned 0 total points
ID: 39175754
I sorted it out... this has to do with the "Edge traversal" setting on inbound rules ("Advanced" tab). Apparently, the "Defer to user" setting cannot be set to "local subnet".

To resolve, I temporarily changed this setting on a handful of rules.  I then ran the command above and reverted the setting on the applicable rules.
0
 

Author Closing Comment

by:fcoa
ID: 39175760
Sort of annoying to need this manual workaround (particularly if you have several rules at this value), but this appears to be the only solution.  It's much faster than the alternative.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question