Solved

The range of ports is not displayed when a Windows Firewall rule defines a local port range

Posted on 2014-11-20
4
104 Views
Last Modified: 2014-11-21
We are having the exact issue described in Microsoft KB2934842:
The range of ports is not displayed when a Windows Firewall rule defines a local port range.

However, the article applies only to Windows Server 2008 R2 (Win7) and Windows Server 2012 R2 (Win8.1).  We're running Windows Server 2012 (Win8.0), and neither hotfix that's prescribed is compatible with what we're running.

The article also fails to explain whether the issue is merely a superficial display problem, or whether the GPO will not apply the port ranges that don't appear in the Settings pane of the GPMC.

We're desperate to get out a new, large Firewall GPO, but we need to fully understand what may or may not be working.  

Can anyone shed some light on this for us?
0
Comment
Question by:Dimarc67
  • 2
  • 2
4 Comments
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 40458268
To do what you are trying to do, either add 2008 R2 member server  OR with 2012 R2 member server with GPMC and RSAT for active directory installed and 1st check if the port range is able to view correctly through GPMC viewer

If not, apply appropriate hotfix to these member servers and check if it works

Also you can check on actual workstations if firewall rules are getting applied as expected

You might check from GUI or from netsh
netsh advfirewall firewall show rule name=all
0
 
LVL 4

Author Comment

by:Dimarc67
ID: 40458324
Mahesh,

Thanks for the suggestions.  We have 2008 R2 member servers, but the GPMC is unable to correctly display the Settings of any of our GPO's.  We do not have any licenses for 2012 R2, so we can't test that.

We've confirmed that the GPO is being applied correctly, but haven't yet confirmed if the specific ports are being opened.

We've also provided feedback to MS regarding the hole in supporting this issue, but are not expecting any follow up.

At this point, we'll manually check the open ports of systems that receive the GPO to confirm.

Awarding points.

Dimarc67
Frederick, MD
0
 
LVL 4

Author Closing Comment

by:Dimarc67
ID: 40458326
Question was not stated concisely, so awarding full points since loose criteria were met.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 40458361
OK
U can download 180 days evaluation 2012 R2 standard version, install it as member server with GPMC and RSAT for AD and check
Also if require install hotfix as per your original link
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Join & Write a Comment

The reason that corporations and businesses use Windows servers is because it supports custom modifications to adapt to the business and what it needs. Most individual users won’t need such powerful options. Here I’ll explain how you can enable Wind…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now