Solved

GPO WF for a Windows 2003 forest/domain

Posted on 2014-09-10
Last Modified: 2014-09-23
Hi Experts,

Issue

Windows Firewall is preventing ping and RDP to all Windows 7 laptops. I need to create a GPO or script to allow incoming ping & RDP to all laptops located on a VLAN/SITE from all source machines on 2 different subnets, 172.20.3 and 172.20.4.

Can you please provide all steps required to implement this GPO or script?

Also, I need to prevent any corruptions with the policies that are currently being applied to laptops. Any suggestions here?

My environment as per below

Windows 2003 Forest/domain functional level

Windows 7 SP1 OS clients

McAfee 8.0 installed on all machines

I would like to see your recommendations to prevent any corruption because of the new firewall GPO policy, and all steps required to apply the new GPO to allow incoming traffic for ping and RDP for computers from two different subnets.
Question by:Jerry Seinfield
1 Comment
 

Accepted Solution

by:
Christopher Jay Wolff earned 2000 total points
ID: 40316241
Hmm.  I don't have all your answers, but maybe some information that you'd find useful since no one has responded yet.

Just to cover the bases, you're probably already aware of the human steps to getting through the firewall as described here.
http://windows.microsoft.com/en-US/windows7/allow-remote-desktop-connections-from-outside-your-home-network

Then these folks fixed up their firewall with a nice GPO for Skype at their workplace and the method should prove useful to your application.
http://www.howtogeek.com/100409/group-policy-geek-how-to-control-the-windows-firewall-with-a-gpo/

Is this infinite universes away from what you're looking for?

Then, if you need greater control/security you could get a C++ expert to write your own WFP stuff as discussed here...
http://msdn.microsoft.com/en-us/library/windows/desktop/aa366510(v=vs.85).aspx

From that page, click "using windows filtering platform", then click "Permitting and Blocking Applications and Users"; the associated example C++ code for filtering by app or user is here...
http://msdn.microsoft.com/en-us/library/windows/desktop/bb427381(v=vs.85).aspx
Also note in the left margin the example under "reserving ports."
Question has a verified solution.
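
The rules the question asks for, scoped to the two source subnets and to the domain profile only, as an added example that is not part of the original thread. It assumes /24 masks (the question gives only "172.20.3" and "172.20.4"), hypothetical rule names, and an elevated run on the Windows 7 client, for instance as a GPO computer startup script.

```powershell
# Added example (not from the thread): inbound allow rules for ping and RDP,
# limited to two source subnets and to the domain firewall profile.
# Works with PowerShell 2.0 on Windows 7; must run elevated.

# Assumption: /24 masks. The question states only "172.20.3" and "172.20.4".
$AllowedSources = '172.20.3.0/24,172.20.4.0/24'

# Hypothetical rule names, fixed so that a re-run replaces its own rules.
$Rules = @(
    @{ Name = 'Mgmt-Allow-ICMPv4-Echo-In'; Spec = @('protocol=icmpv4:8,any') },
    @{ Name = 'Mgmt-Allow-RDP-In';         Spec = @('protocol=TCP', 'localport=3389') }
)

function Invoke-Netsh {
    param([string[]]$Arguments)
    # Run "netsh advfirewall firewall <arguments>" and capture exit code and text.
    $output = & netsh.exe advfirewall firewall $Arguments 2>&1
    New-Object PSObject -Property @{ Code = $LASTEXITCODE; Text = ($output | Out-String) }
}

foreach ($rule in $Rules) {
    # Delete any earlier copy first so repeated runs do not stack duplicates.
    # On the first run netsh reports that no rule matches; that is ignored.
    Invoke-Netsh @('delete', 'rule', "name=$($rule.Name)") | Out-Null

    # profile=domain keeps the ports closed when a laptop is on a public or
    # home network; remoteip limits who may connect while it is on the domain.
    $add = @('add', 'rule', "name=$($rule.Name)", 'dir=in', 'action=allow',
             'profile=domain', "remoteip=$AllowedSources") + $rule.Spec
    $result = Invoke-Netsh $add
    if ($result.Code -ne 0) {
        throw "Could not add rule $($rule.Name): $($result.Text)"
    }
}

# Read each rule back and confirm both subnets are in its scope.
foreach ($rule in $Rules) {
    $shown = (Invoke-Netsh @('show', 'rule', "name=$($rule.Name)")).Text
    foreach ($subnet in $AllowedSources.Split(',')) {
        if ($shown -notmatch [regex]::Escape($subnet)) {
            throw "Rule $($rule.Name) does not list $subnet as a remote address"
        }
    }
    Write-Output "OK: $($rule.Name) restricted to $AllowedSources"
}
```

These are local rules: if an existing GPO sets the domain profile to not apply local firewall rules, they are ignored and the same scope has to be defined in the GPO's own inbound rules instead.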
