Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

"Defer to user" error with "netsh advfirewall" command on Win2008R2

Posted on 2013-05-17
2
Medium Priority
?
1,165 Views
Last Modified: 2013-05-17
I've used the following command without issue on several Win2008R2 servers in the past, but I'm running into the following error on one particular device.

Command:
netsh advfirewall firewall set rule name=all dir=in remoteip=any new remoteip=localsubnet

Error:
'Defer to user' setting can only be used in a firewall rule where program path and TCP/UDP protocol are specified with no additional scopes

Any ideas?
0
Comment
Question by:fcoa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 

Accepted Solution

by:
fcoa earned 0 total points
ID: 39175754
I sorted it out... this has to do with the "Edge traversal" setting on inbound rules ("Advanced" tab). Apparently, the "Defer to user" setting cannot be set to "local subnet".

To resolve, I temporarily changed this setting on a handful of rules.  I then ran the command above and reverted the setting on the applicable rules.
0
 

Author Closing Comment

by:fcoa
ID: 39175760
Sort of annoying to need this manual workaround (particularly if you have several rules at this value), but this appears to be the only solution.  It's much faster than the alternative.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question