Solved

Enabling Firewall through GPO

Posted on 2014-04-02
4
299 Views
Last Modified: 2014-04-02
I have a Small Business Server 2008. I have found that the firewall is turned off on all the workstations. When I choose to enable the firewall I get a message that the firewall settings are managed through Group Policy.

To enable the Firewall from the server, I opened Group Policy Management and did the following:
Under the domain name I did a right click and edit on "Default Domain Policy"
I then navigated to:
Computer Configuration -> Policies -> Windows Settings -> Windows Firewall with Advanced Security -> Windows Firewall with Advanced Security - LDAP://CN={GUID}, CN=Policies,CN=System,DC=Company,DC=Local

In here I found the firewall turned off. I enabled this and left the Link Enabled and Enforced disabled. I waited 1 hour then I went to a workstation and did a gpupdate /force.

The Firewall still shows off on the workstation.
What did I miss? Should the firewall be set somewhere else?
0
Comment
Question by:LostInWindows
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 39972927
Editing the default domain policy is usually a bad idea. SBS creates a separate firewall policy by default and link order is also (by default) set so it takes precedence. That ahoild be the policy you edit.

But a few points that will generically help you:

The default refresh time for GPOs is 90 minutes, which is longer than the hour you waited.

Gpudate is your friend. If you can't wait the full refresh time, this can produce near immediate results.

The GP results wizard in GPMC can produce the "final" list of all settings for a particular user on particular workstation. It will also tell you *which* GPO each setting is coming from. You can and should run this so you know which policy is causing a setting to appear (including why the firewall is off.) it saves you from hunting and guessing.
0
 
LVL 1

Author Comment

by:LostInWindows
ID: 39973025
Thanks for this information. Do you know where SBS sets up its default firewall policy? I should check it and see if it is enabled.
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39973032
It is a clearly named group policy. SBS firewall policy or similarly named.
0
 
LVL 1

Author Closing Comment

by:LostInWindows
ID: 39973972
Thank you, It is fixed now!
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question