Solved

GPO WF for a WIndows 2003 forest/domain

Posted on 2014-09-10
1
365 Views
Last Modified: 2014-09-23
Hi Experts,

Issue

Windows Firewall is preventing ping and RDP to all Windows 7 laptops. I need to create
a GPO or script to allow incoming ping & RDP to all laptops located on a VLAN /SITE from all machines sources
from 2 different subnets 172.20.3 and 172.20.4

Can you please provide all steps required to implement this GPO or script?

Also, I need to prevent any corruptions with the policies that are currently being applied to laptops. Any suggestions here?

My environment as per below

Windows 2003 Forest/domain functional level

Windows 7 SP1 os clients

McAfee 8.0  installed on all machines

I would like to see your recommendations to prevent any corruption because of new firewall gpo policy, and all steps required to apply the new gpo to allow incoming traffic for ping and RDP for computers from two different subnets
0
Comment
Question by:Jerry Seinfield
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 9

Accepted Solution

by:
Christopher Jay Wolff earned 500 total points
ID: 40316241
Hmm.  I don't have all your answers, but maybe some information that you'd find useful since no one has responded yet.

Just to cover the bases, you're probably already aware of the human steps to getting through the firewall as described here.
http://windows.microsoft.com/en-US/windows7/allow-remote-desktop-connections-from-outside-your-home-network

Then these folks fixed up their firewall with a nice GPO for Skype at their workplace and the method should prove useful to your application.
http://www.howtogeek.com/100409/group-policy-geek-how-to-control-the-windows-firewall-with-a-gpo/

Is this infinite universes away from what you're looking for?

Then, if you need greater control/security you could get a C++ expert to write your own WFP stuff as discussed here...
http://msdn.microsoft.com/en-us/library/windows/desktop/aa366510(v=vs.85).aspx

from that page click "using windows filtering platform"  then click "Permitting and Blocking Applications and Users" and the associated example C++ code for filtering by app or user is here...
http://msdn.microsoft.com/en-us/library/windows/desktop/bb427381(v=vs.85).aspx
also note in the left margin the example under "reserving ports."
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question