Solved

GPO WF for a Windows 2003 forest/domain

Posted on 2014-09-10
Last Modified: 2014-09-23
Hi Experts,

Issue

Windows Firewall is preventing ping and RDP to all Windows 7 laptops. I need to create a GPO or script to allow incoming ping & RDP to all laptops located on a VLAN/SITE from all machine sources on 2 different subnets, 172.20.3 and 172.20.4.

Can you please provide all steps required to implement this GPO or script?

Also, I need to prevent any corruptions with the policies that are currently being applied to laptops. Any suggestions here?

My environment as per below

Windows 2003 Forest/domain functional level

Windows 7 SP1 OS clients

McAfee 8.0 installed on all machines

I would like to see your recommendations to prevent any corruption because of the new firewall GPO policy, and all steps required to apply the new GPO to allow incoming traffic for ping and RDP for computers from two different subnets.
Question by:Jerry Seinfield

Accepted Solution

by:
Christopher Jay Wolff earned 500 total points
ID: 40316241
Hmm. I don't have all your answers, but maybe some information that you'd find useful since no one has responded yet.

Just to cover the bases, you're probably already aware of the human steps to getting through the firewall as described here.
http://windows.microsoft.com/en-US/windows7/allow-remote-desktop-connections-from-outside-your-home-network

Then these folks fixed up their firewall with a nice GPO for Skype at their workplace and the method should prove useful to your application.
http://www.howtogeek.com/100409/group-policy-geek-how-to-control-the-windows-firewall-with-a-gpo/

Is this infinite universes away from what you're looking for?

Then, if you need greater control/security you could get a C++ expert to write your own WFP stuff as discussed here...
http://msdn.microsoft.com/en-us/library/windows/desktop/aa366510(v=vs.85).aspx

From that page, click "Using Windows Filtering Platform", then click "Permitting and Blocking Applications and Users"; the associated example C++ code for filtering by app or user is here...
http://msdn.microsoft.com/en-us/library/windows/desktop/bb427381(v=vs.85).aspx
Also note in the left margin the example under "Reserving Ports."
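
One way to script what the question asks for, as an added example that is not part of the original thread or either poster's code: a computer startup script for Windows 7 that allows inbound ping and RDP only from the two named subnets. The /24 masks, the default RDP port 3389 and the rule names are assumptions, since the question gives only "172.20.3" and "172.20.4".

```batch
@echo off
rem Added example, not from the thread. Run as a computer startup script
rem (runs as SYSTEM) or from an elevated prompt on a Windows 7 client.
rem Assumptions: both subnets are /24, RDP listens on the default TCP 3389,
rem and the rule names below are made up for this example.
setlocal
set "SOURCES=172.20.3.0/24,172.20.4.0/24"
set "PING_RULE=Allow-Ping-From-Admin-Subnets"
set "RDP_RULE=Allow-RDP-From-Admin-Subnets"

rem Delete earlier copies first so reruns at every boot do not stack duplicates.
rem (delete returns an error when no rule matches; that is expected on first run)
netsh advfirewall firewall delete rule name="%PING_RULE%" >nul 2>&1
netsh advfirewall firewall delete rule name="%RDP_RULE%" >nul 2>&1

rem Ping: ICMPv4 echo request (type 8) only, domain profile only,
rem and only when the source address is in one of the two subnets.
netsh advfirewall firewall add rule name="%PING_RULE%" dir=in action=allow ^
    protocol=icmpv4:8,any remoteip=%SOURCES% profile=domain
if errorlevel 1 goto :fail

rem RDP: TCP 3389 with the same source and profile restriction.
netsh advfirewall firewall add rule name="%RDP_RULE%" dir=in action=allow ^
    protocol=TCP localport=3389 remoteip=%SOURCES% profile=domain
if errorlevel 1 goto :fail

rem Print both rules so the scope (RemoteIP, Profiles) can be checked.
netsh advfirewall firewall show rule name="%PING_RULE%" verbose
netsh advfirewall firewall show rule name="%RDP_RULE%" verbose
exit /b 0

:fail
echo Failed to add a firewall rule; run elevated and check the netsh output. 1>&2
exit /b 1
```

Rules added this way go into the local firewall store, so they are ignored if an existing firewall GPO turns off local rule merging for the domain profile. In that case the same two rules have to be defined in the GPO itself under Windows Firewall with Advanced Security.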