Questions tagged [windows-firewall]
"Windows Firewall" refers to the built in client firewall utility that ships with the Windows operating system. (It was previously named the Internet Connection Firewall.) By default, all Windows operating systems since Windows XP and Windows Server 2003 have shipped with this client.
458
questions
27
votes
4
answers
79k
views
Windows Advanced Firewall: What does "Edge Traversal" mean?
this should be a really simple one:
In Advanced Windows Firewall on Windows Server 2008+, Properties > Advanced, what does "Edge Traversal" mean?
I Googled it, of course, and was unable to come up ...
- 2,296
23
votes
4
answers
96k
views
Windows 10 - Disable warning notification about disabled firewall via GPO
Is there a way to disable the warning that is displayed in the notifications area, telling you that the Windows firewall is disabled?
Edit: We would specifically like to achieve this via group policy,...
- 1,743
17
votes
2
answers
94k
views
Whats the difference between local and remote addresses in 2008 firewall address
In the firewall advanced security manager/Inbound rules/rule property/scope tab you have two sections to specify local ip addresses and remote ip addresses.
What makes an address qualify as a local ...
- 1,347
16
votes
6
answers
55k
views
How can I use netsh to find a rule using a pattern
I'm wondering whether anyone in Microsoft has ever come to a situation where they can't remember a rule's name!
The netsh advfirewall firewall show rule only accepts 1 name and no pattern matching ...
- 412
15
votes
4
answers
9k
views
What can be done to properly re-enable the Windows Firewall on a domain?
BACKGROUND/RESEARCH
I honestly believe that questions like this one: Using GPO in Active Directory domain to force workstations Windows Firewall to disabled - how? existed because Windows Admins in ...
- 32.7k
14
votes
1
answer
3k
views
How can I back up my recommendation to NOT disable the Windows Firewall service?
I know from direct personal experience that disabling the Windows Firewall service on post-XP systems can lead to all sorts of networking problems, and that the proper way of disabling it is by ...
- 70.7k
14
votes
2
answers
6k
views
"Predefined set of computers", where to define?
In windows 8/10/Server 2012/Server 2016 "Windows Firewall with Advanced Security", when defining allowable addresses, I can select addresses/subnets, address-ranges, or a pull-down with "Predefined ...
- 987
12
votes
2
answers
25k
views
How to add subnets to Windows Firewall "local subnets"?
On Windows Firewall under an individual rule the scope tab allows you to define which ips are subject to the rule. One of the built in options is "Local subnet".
How can you add an additional subnet ...
- 1,434
12
votes
5
answers
35k
views
Windows Firewall rule based on domain name instead of IP
I'm trying to allow a service to a set of machines via Windows Firewall. I'd like to add my home machine to the firewall but my home machine has a dynamic ip address. I use dyndns so that I have a ...
- 221
11
votes
3
answers
87k
views
How do I get IIS working and accessible outside my network behind a router? [closed]
My machine is running Windows 7 Ultimate. Here's what I've done (successfully) so far:
Installed IIS 7.5 with PHP over FastCGI
Got it working! When I go to http://localhost/index.php , my PHP scripts ...
- 719
11
votes
1
answer
34k
views
How to know currently open ports on the Windows Firewall?
On Windows XP and Windows Server 2003, I can know currently open ports on the Windows Firewall using the following command:
netsh firewall show state
However, on Windows 7 and Hyper-V Server 2008 R2,...
- 143
9
votes
2
answers
7k
views
Inbound Windows Firewall Core Networking Rules
I've just purchase a Windows Server 2008 R2 VPS plan and I was alarmed to see the default configuration had Windows firewall disabled. I've enabled the firewall and disabled most of the inbound rules, ...
- 253
9
votes
1
answer
12k
views
Do new Windows firewall rules affect currently open connections?
If I added a rule to windows firewall that blocked an ip or port currently used by an open connection, does that rule take effect immediately or only after the connection were closed?
I.e, If I have ...
- 193
9
votes
2
answers
6k
views
Windows Firewall - blocking IP address ranges en masse - performance considerations?
One of our services is an extranet for the exclusive use of our 200 employees across the UK. We're seeing a huge number of login attempts from China, Russia, Ukraine and Nigeria. I have large lists of ...
- 209
8
votes
5
answers
13k
views
PsExec Slow to connect when Windows Firewall Enabled
Situation:
Running PsExec takes 20 seconds with the Windows firewall active, and 1 second with it disabled.
Exceptions added to the firewall:
opened ports 135 and 445 (both tcp) as per http://...
- 191
8
votes
6
answers
29k
views
Windows firewall logging. Log file is always blank
I have read many similar articles and posts on how to enable windows firewall logging. I have Win2k8r2 server without any Active Directory, DC, domains and other complicated stuff. Almost all of this ...
- 191
8
votes
4
answers
28k
views
Teamviewer VPN blocked by Windows Firewall
I am using Teamviewer 9 and would like to use the VPN option. I installed it all and it works perfectly only if I turn off the Windows firewall on my VPN target. Teamviewer.exe ia already allowed ...
7
votes
4
answers
23k
views
How do I disable the firewall on a single interface in Windows 7?
We're using openvpn to provide access back from XP to work. We use AD policies to ensure the XP firewall is up when off the domain and down when on the domain. With openvpn, you end up with a new ...
- 181
7
votes
1
answer
9k
views
Can firewall block packets visible in Wireshark?
Wireshark shows that an RTP package is received on a PC.
Is it possible that despite detection by Wireshark, something (firewall?) is still prevent the application listening to the required port on ...
7
votes
1
answer
6k
views
How do you disable "stealth mode" on Windows Server 2008?
After reading this article and this one I've decided to change all our firewalls to reject instead of block packets in most cases. My experience corroborates the arguments these articles make.
...
- 308
7
votes
1
answer
7k
views
Windows Firewall IP ban?
OK, question: I have a IIS webserver and Windows firewall.
To allow incoming connections to IIS, I enabled port 80 and 8080.
But now, how can I block a specific IP address/range on port 80 (=ban) ...
- 1,024
6
votes
2
answers
2k
views
For an internet-facing, all-roles-in-one Exchange server, what do I need to let through the firewall?
As the result of a recent penetration test, in which we did not fare well, it has been brought to my attention that our internet facing, all-roles-in-one, Exchange 2010 SP3 server has no firewall in ...
- 53.9k
6
votes
6
answers
46k
views
Enable file and print sharing command line - how to enable it just for profile=private
I know that the following cmd can enable file and print sharing firewall rule:
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=yes
But it turns on file and print ...
- 469
6
votes
2
answers
11k
views
Windows firewall blocking network shares through VPN server
I have a VPN server in front of a 172.16.0.0/24 network. On my client side is a 192.168.1.0/24 network. I am able to successfully VPN in to the server network from the client, and I am trying to ...
- 161
6
votes
4
answers
9k
views
Does Windows Firewall have the ability to log which exe is blocked?
We would like to distribute a firewall program with our product.
I can configure the Windows Firewall to block outgoing connections (which it does not by default)
netsh advfirewall set allprofiles ...
- 2,253
6
votes
1
answer
2k
views
Can I use Win 2k8 R2 as an IPSEC client?
I'm trying to connect a win server 2008 R2 box to a juniper ssg firewall using a client-to-gateway IPSEC VPN.
I tried to set it up in Windows Firewall with Advanced Security, but the connection doesn'...
user55696
6
votes
1
answer
2k
views
Windows File Sharing not working
We have a workstation on our domain that we need to share a printer from, and it's not working. I also set up a shared folder to help with testing.
Details:
We are on a domain. All operations ...
- 325
5
votes
3
answers
5k
views
Is the firewall on Windows Server 2008 R2 sufficient?
I'm planning a few servers to be run on Rackspace cloud. Aside from using load balancers to control the flow of web traffic, how good is the Windows Firewall? I'm thinking in terms of throughput as ...
- 558
5
votes
2
answers
56k
views
Configure Windows Firewall to block all except for specific traffic
I'm trying to configure Windows Firewall on Server 2008 R2 to block everything except for the traffic that I add to the rule list.
I see there are three policies - public/private/domain. I've been ...
- 1,188
5
votes
2
answers
849
views
Hardening a file-serving Windows Server 2019 instance
I'm in the process of re-configuring and securing a server for the small company that I work for. We use it to store design files and other data with Autodesk Vault. It's running on a VPS from a ...
5
votes
2
answers
11k
views
Applying outbound connection rules PER USER in Windows Firewall with Advanced Security
In the latest version of the Windows Firewall, included for example in Windows Server 2008 R2, you can block incoming connections and apply this rule only for a set of users (Users Tab in the rule ...
- 900
5
votes
1
answer
795
views
Why won't Windows XP firewall use domain settings on boot?
Although my XP workstations are connected to the domain, after booting firewall.cpl reports they're "using non-domain settings".
Official literature tells me it's an issue with the DNS suffix of its ...
5
votes
1
answer
5k
views
Windows firewall blocks nearly all traffic after reboot?
Sometimes when the systems boot they don't accept any inbound traffic at all and my IPSec rules don't work outbound - it appears that the server is stuck in some kind of initial post boot ...
- 15.6k
5
votes
0
answers
805
views
Firewall "Connection Security" when there is no trust and NATing between the two computers
First a little explanation of my network topology.
I have a internal domain, and edge network domain. There is no trust between the two domains (and IT will not allow a one way trust to be set up ...
- 1,465
4
votes
4
answers
374
views
Is it a valid security decision to protected exposed RDP servers by restricting IP addresses with a firewall?
As you probably all know, new security flaws continue to emerge in RDP for Windows. I have googled and read about this issue, and possible fixes/solutions.
It surprises me that no one mentions, to ...
- 153
4
votes
8
answers
76k
views
Active FTP client blocked by Windows Firewall on Windows 7
I have an application that runs as a service and contains an FTP client. It needs to connect to an FTP server that only supports Active FTP. When I attempt to get a list of files or download a file, ...
- 141
4
votes
1
answer
20k
views
How can I allow RDP access to a Windows 2008R2 server from one IP?
I've been trying to secure RDP to a new Windows 2008R2 server (using Windows Firewall) by only allowing RDP traffic from one IP address.
Under the "Computers" tab, it seems I can only allow user or ...
- 558
4
votes
3
answers
8k
views
Configure Windows firewall blocking behaviour
Does anyone know if it is possible to configure the behaviour of Windows Firewall when it has determined that a packet is disallowed?
By default, it will silently discard the packet and the source is ...
- 702
4
votes
1
answer
33k
views
What are differnet between local port and remote port of firewall in Windows 2016 server?
I use MS SQL 2017 Express Database server in my Windows 2016 server.
I hope to expose MS SQL 2017 Express Database server to the internet, so I need open 1433 port in firewall.
But I find there are ...
- 167
4
votes
2
answers
3k
views
Windows Firewall misbehaving
I'm trying to implement Windows firewalls on our servers, and I've come across an oddity that I could do with some advice on:
So I have a service listening on ports 8099-8102TCP, and a matching ...
- 308
4
votes
1
answer
3k
views
Copy a Windows Server Firewall address list from one rule to another using Powershell
I'm a little stuck on the documentation for the Firewall cmdlets in Windows server. I am trying to copy the address lists for the remote and local ips from one rule to another. I can get the list ...
- 165
4
votes
2
answers
16k
views
Apache tomcat server win8 cannot be accessed outside of local host
I have installed the apache-tomcat server on my local win7. The port I specified is 9999. Additionally, I use the distributed binary version of apache tomcat. Not installing as a windows service.
I ...
- 319
4
votes
1
answer
161
views
Is it easy or even possible yet to manage windows firewall with powershell?
I'm doing some POC testing on a server 2012 environment, and during initial firewall configuration I find myself going to the GUI repeatedly when I'd really much rather be able to write a script. I've ...
- 752
4
votes
1
answer
2k
views
netsh advfirewall set store gpo: %COMPUTERNAME% does not work
I am in charge of a group of computers that process highly confidential data. They cannot be connected to the Internet or even the company network, only a network drive. So I wrote a batch file on the ...
- 43
4
votes
2
answers
2k
views
Server is listening in Port 110 and I can't find any way to disable or block it
I have a Windows 2012 R2 server used as web server, with ports for web (80, 443, and 8080) open for public sites hosted on it. Doing some security checks on it, I found it's listening on port 110 too:
...
4
votes
1
answer
644
views
Microsoft Exchange 2007 & Windows Firewall
I have been tasked with deploying Windows Firewall on our servers as an added measure of security. The more I investigate the ports in use on an Exchange server, the more I realize that this is a very ...
- 41
4
votes
2
answers
9k
views
What exceptions should Windows Firewall have to allow network discovery?
I'm running Vista x64 at work (upgrading to Win7 on Monday), and I've had a problem for awhile. When I have Windows Firewall turned on, I'm unable to connect to my machine from any other machine on ...
- 143
4
votes
1
answer
3k
views
Windows Web Server Login Attempts
We have a cloud web server serving several e-commerce websites, which is running Windows Server 2008 R2 and IIS 7.5. We access the server via RDC.
After looking at the windows security log I can see ...
- 147
4
votes
2
answers
1k
views
Windows Firewall refusing connections unless logging turned on
From the Windows Mystery Caves:
a user trying to access a Windows Server 2008 R2 Remote Desktop Session Host is getting network timeouts upon connection establishment attempts. The Remote Desktop ...
- 40.8k
4
votes
1
answer
472
views
Is the windows server 2008 r2 firewall in amazon ec2 not necessary
Under normal circumstances, is the windows server 2008r2 firewall, running on an amazon ec2 instance even necessary? Can it safely be turned off? It appears that thru the security groups, amazon is ...
- 1,319