1

Using MMC, I'm attempting to remotely manage the Windows Defender Firewall on our Hyper-V Server 2019 instance (no GUI, CLI only). The NetBIOS name is SERVER1.

The Windows Defender Firewall Remote Management rules are enabled:

Name                  : RemoteFwAdmin-In-TCP
DisplayName           : Windows Defender Firewall Remote Management (RPC)
Description           : Inbound rule for the Windows Defender Firewall to be remotely managed via RPC/TCP.
DisplayGroup          : Windows Defender Firewall Remote Management
Group                 : @FirewallAPI.dll,-30002
Enabled               : True
Profile               : Any
Platform              : {}
Direction             : Inbound
Action                : Allow
EdgeTraversalPolicy   : Block
LooseSourceMapping    : False
LocalOnlyMapping      : False
Owner                 : 
PrimaryStatus         : OK
Status                : The rule was parsed successfully from the store. (65536)
EnforcementStatus     : NotApplicable
PolicyStoreSource     : PersistentStore
PolicyStoreSourceType : Local

Name                  : RemoteFwAdmin-RPCSS-In-TCP
DisplayName           : Windows Defender Firewall Remote Management (RPC-EPMAP)
Description           : Inbound rule for the RPCSS service to allow RPC/TCP traffic for the Windows Defender Firewall.
DisplayGroup          : Windows Defender Firewall Remote Management
Group                 : @FirewallAPI.dll,-30002
Enabled               : True
Profile               : Any
Platform              : {}
Direction             : Inbound
Action                : Allow
EdgeTraversalPolicy   : Block
LooseSourceMapping    : False
LocalOnlyMapping      : False
Owner                 : 
PrimaryStatus         : OK
Status                : The rule was parsed successfully from the store. (65536)
EnforcementStatus     : NotApplicable
PolicyStoreSource     : PersistentStore
PolicyStoreSourceType : Local

However, when I click the Inbound Rules node, MMC crashes:

MMC crash

Not that it helps much, but here's the stack trace info:

FX:{b05566ac-fe9c-4368-be02-7a4cbb7cbe11}
Object reference not set to an instance of an object.
System.NullReferenceException
   at Microsoft.WindowsFirewall.SnapIn.Wrappers.FirewallRules.Reload(String[] ruleIdFilter)
   at Microsoft.WindowsFirewall.SnapIn.ExceptionsListView.Refresh()
   at Microsoft.WindowsFirewall.SnapIn.NativeMethods.EnhancedMmcListView`1.ForceRefresh()
   at Microsoft.WindowsFirewall.SnapIn.NativeMethods.EnhancedMmcListView`1.OnShow()
   at Microsoft.ManagementConsole.View.ProcessNotification(Notification notification)
   at Microsoft.ManagementConsole.ViewMessageClient.ProcessNotification(Notification notification)
   at Microsoft.ManagementConsole.Internal.IMessageClient.ProcessNotification(Notification notification)
   at Microsoft.ManagementConsole.Executive.SnapInNotificationOperation.ProcessNotification()
   at Microsoft.ManagementConsole.Executive.Operation.OnThreadTransfer(SimpleOperationCallback callback)

...and here's the Application event log entry:

Event log error

As expected, the Security and Maintenance control panel is useless for this.

When I try this from another machine on the network, MMC doesn't crash—but the Inbound/Outbound rule lists stay empty. No relevant event log entries are produced there.

How can I track this down and fix it so I can remotely manage the server's firewall?

--UPDATE--

I just now got the MMC crash on the other machine.

InteXX
  • 713
  • 13
  • 31
  • Well, if it keeps crashing, even on other machines, I would suggest doing a clean reboot, to verify that situation. In most cases, it solves if not, you may need an older System (me had this situation solved by using an older OS and a reboot of the Server) – djdomi May 28 '21 at 06:16
  • `a clean reboot` I was hopeful with this at first, but alas the problem remains. It's starting to look like I'm going to have to open a support ticket. – InteXX May 30 '21 at 01:33
  • the only chance I see is to reset all rules, `netsh advfirewall reset` but for what reason do you use a software firewall to protect the same device it should protect? – djdomi May 30 '21 at 07:54

0 Answers0