XP Firewall GPO Problem

Home Forums Microsoft Networking and Management Services GPO XP Firewall GPO Problem

This topic contains 1 reply, has 1 voice, and was last updated by  Deland01 8 years, 9 months ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts

  • Deland01
    Member
    #147337

    I’m looking at enabling the XP firewall across the whole company via GPO as it’s currently not enabled. Our network is based on 2 different sites with the following IP ranges in use:

    Site 1
    192.168.0.x
    192.168.1.x
    192.168.2.x
    192.168.102.x
    192.168.109.
    Subnet 255.255.252.0

    Site 2
    192.168.10.x
    Subnet 255.255.255.0

    I have enabled the following GPO’s

    Domain> Windows Firewall: Protect all network connections
    Domain> Windows Firewall: Allow remote administration exception
    Domain> Windows Firewall: Allow file and printer sharing exception
    Domain> Windows Firewall: Allow Remote Desktop exception
    Domain> Windows Firewall: Allow UPnP framework exception
    Domain> Windows Firewall: Prohibit notifications
    Domain> Windows Firewall: Allow local port exceptions
    Standard Profile> Windows Firewall: Protect all network connections

    Some of the GPO’s require you to specify which network these can be used on, so under the box called “Allow unsolicited messages from:” I have entered the following: 255.255.252.0,255.255.255.0

    I have this GPO applied to an OU in AD with x2 test PC’s in, one test PC on each site. When ever I enable the GPO then restart the PC the GPO is picked up & it locks everything down, I cant remote desktop either PC or browse the files on the C$ share. If I check the firewall exceptions tab everything is showing its now being controlled by GPO & its ticked.

    This is having the reverse effect on what I’m trying to achieve.

    Any suggestions to what I’m doing wrong?


    Deland01
    Member
    #293378

    Re: XP Firewall GPO Problem

    I figured the issue, I just had the wrong network information in the “Allow unsolicited messages from:” box. Here’s what I needed.

    localsubnet,192.168.0.0/24,192.168.1.0/24,192.168.2.0/24,192.168.10.0/24,192.168.102.0/24,192.168.109.0/24

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.