Solved

The range of ports is not displayed when a Windows Firewall rule defines a local port range

Posted on 2014-11-20
4
108 Views
Last Modified: 2014-11-21
We are having the exact issue described in Microsoft KB2934842:
The range of ports is not displayed when a Windows Firewall rule defines a local port range.

However, the article applies only to Windows Server 2008 R2 (Win7) and Windows Server 2012 R2 (Win8.1).  We're running Windows Server 2012 (Win8.0), and neither hotfix that's prescribed is compatible with what we're running.

The article also fails to explain whether the issue is merely a superficial display problem, or whether the GPO will not apply the port ranges that don't appear in the Settings pane of the GPMC.

We're desperate to get out a new, large Firewall GPO, but we need to fully understand what may or may not be working.  

Can anyone shed some light on this for us?
0
Comment
Question by:Dimarc67
  • 2
  • 2
4 Comments
 
LVL 36

Accepted Solution

by:
Mahesh earned 500 total points
ID: 40458268
To do what you are trying to do, either add 2008 R2 member server  OR with 2012 R2 member server with GPMC and RSAT for active directory installed and 1st check if the port range is able to view correctly through GPMC viewer

If not, apply appropriate hotfix to these member servers and check if it works

Also you can check on actual workstations if firewall rules are getting applied as expected

You might check from GUI or from netsh
netsh advfirewall firewall show rule name=all
0
 
LVL 4

Author Comment

by:Dimarc67
ID: 40458324
Mahesh,

Thanks for the suggestions.  We have 2008 R2 member servers, but the GPMC is unable to correctly display the Settings of any of our GPO's.  We do not have any licenses for 2012 R2, so we can't test that.

We've confirmed that the GPO is being applied correctly, but haven't yet confirmed if the specific ports are being opened.

We've also provided feedback to MS regarding the hole in supporting this issue, but are not expecting any follow up.

At this point, we'll manually check the open ports of systems that receive the GPO to confirm.

Awarding points.

Dimarc67
Frederick, MD
0
 
LVL 4

Author Closing Comment

by:Dimarc67
ID: 40458326
Question was not stated concisely, so awarding full points since loose criteria were met.
0
 
LVL 36

Expert Comment

by:Mahesh
ID: 40458361
OK
U can download 180 days evaluation 2012 R2 standard version, install it as member server with GPMC and RSAT for AD and check
Also if require install hotfix as per your original link
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my previous Experts Exchange Articles (http://www.experts-exchange.com/ARTH_1864316.html?arthOrderBy=3&arthSort=1#arth), most have featured Basic and Intermediate VMware Topics.  As a Virtualisation Consultant, we implement many different virtual…
OfficeMate Freezes on login or does not load after login credentials are input.
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question