I am trying to set up "Windows Firewall With Advanced Security" (WFwAS) through GPO.
My goal is to have WFwAS automatically log dropped packets for all Domain Controllers.
I go to: "Computer Configuration -> Policies -> Windows Settings -> Security -> WFwAS -> WFwAS -> choose Windows Firewall Properties -> Logging -> Customize" and untick "Not configured"
That auto fills the name for the Firewall log file as:
I also choose to log dropped packets, but to not log successful connections.
When I OK my way out, and then og back in again - the "Notconfigured" checkbox is ticked...
Even though I unticked it a few Seconds ago, it ticks itself back!
No logging takes place on the servers affected by the GPO, so the GPO is not making the DC's log.
Other settings in the same GPO do take effect on the DC's.
I see several People have asked the same questions around the Internet, but no one has gotten an answer.