
We have a domain controller Group Policy set to disable the firewall on all computers within the domain, because we have Symantec Endpoint Protection enabled. The problem now is that, since Windows Firewall is being disabled automatically by the GPO, we cannot ping or reach terminal apps from the local LAN within the domain.

I tried manually starting Windows Firewall on the VM servers (2008 Enterprise) and, as expected, ping and the terminal apps are reachable and work flawlessly, until the domain controller pushes the disable-firewall Group Policy onto the VM servers. I manually added exceptions in Windows Firewall for the Remote Desktop Terminal Services programs, but since the GPO forces the firewall to be disabled, the exceptions no longer work after a certain time.

Please let me know if creating an OU in the DC that gives the two VM servers an exception to enable the firewall solves it; waiting for any precise solution...

Please can somebody help me understand the situation and solve this ASAP.

Thanks

chaladi

1 Answer


The issue can be solved by using the SECPOL.MSC configuration. Run it as admin.

We need to allow the traffic through the firewall even if the firewall is disabled by GPO, for the public, private and local domain policies.

Allow inbound and outbound traffic for Domain, Private and Public as seen in the screenshot below. And that's it! It will now work, even if the domain policy forces the firewall to be disabled.


Change all of the Private, Domain and Public profiles as seen above and configure them to allow incoming and outgoing traffic whether the firewall is disabled or enabled.

That’s it.

chaladi
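To check what each profile actually ends up with once Group Policy has refreshed, the following added example (not part of the original question or answer) parses the text produced by `netsh advfirewall show allprofiles`. The function name `Get-FirewallProfileSummary` is hypothetical, the sample output is constructed, and English-locale labels are assumed.

```powershell
# Added example: summarise firewall state and default policy per profile.
# Get-FirewallProfileSummary is a hypothetical helper, not a built-in cmdlet.
function Get-FirewallProfileSummary {
    param([string[]]$Lines)
    $results = @()
    $current = $null
    foreach ($line in $Lines) {
        if ($line -match '^(Domain|Private|Public) Profile Settings:') {
            # A new profile section starts; collect its values as they appear.
            $current = New-Object PSObject -Property @{
                Profile = $Matches[1]; State = $null; Policy = $null
            }
            $results += $current
        } elseif ($current -and $line -match '^State\s+(\S+)') {
            $current.State = $Matches[1]      # ON or OFF
        } elseif ($current -and $line -match '^Firewall Policy\s+(\S+)') {
            $current.Policy = $Matches[1]     # e.g. BlockInbound,AllowOutbound
        }
    }
    $results
}

# Constructed sample of `netsh advfirewall show allprofiles` output.
# On a live host use instead: $text = netsh advfirewall show allprofiles
$text = @'
Domain Profile Settings:
----------------------------------------------------------------------
State                                 OFF
Firewall Policy                       AllowInbound,AllowOutbound

Private Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound

Public Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
'@ -split "`r?`n"

# One row per profile: which profiles are filtering, and with what default.
Get-FirewallProfileSummary -Lines $text |
    Select-Object Profile, State, Policy |
    Format-Table -AutoSize
```

Running it before and after `gpupdate /force` shows whether the domain policy changes the state or default policy of any profile.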