[fw-wiz] VPN and XP Firewall GPO settings



Folks hoping for a little input here:

We have a Juniper SSL VPN that has Network Connect functionality. We have our Group Policies configured so that when onsite XP firewall is disabled, when offsite XP firewall is enabled.

It seems what's happening when people use the Network Connect functionality of the VPN is that XP is detecting that it has connectivity to the LAN and the domain controllers/DNS boxes and is switching from the "Standard Profile" to the "Domain Profile" and dropping the firewall, which is of course unacceptable (I accept it's behaving by design so it's not really a criticism of Microsoft).

What do people do to work around this kind of issue? I guess a group policy for laptops that enables the firewall even when on the domain is one option, and I've opened a case with JTAC in case I'm missing something on the SA config.

Thanks.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • No controlling tty
    ... emulation program to communicate with the firewall via the serial port. ... system going on the network? ... I may have a use for this functionality even ...
    (comp.unix.bsd.openbsd.misc)
  • XP Firewall when using VPN
    ... We have a Juniper SSL VPN that has Network Connect functionality. ... when offsite XP firewall is enabled. ...
    (microsoft.public.windows.group_policy)
  • RE: can ping but not browse
    ... I have stopped the firewall. ... # are safed from all (security) hazards. ... firewall/bastion host to the internet ... # internet and to an internal network, ...
    (Fedora)
  • Re: Turn off all sharing and network discovery
    ... which is basically Windows XP running as a virtual ... It does need its own AV and firewall. ... unnecessary network resource sharing and resource discovery. ...
    (microsoft.public.windowsxp.general)
  • Re: Turn off all sharing and network discovery
    ... which is basically Windows XP running as a virtual ... It does need its own AV and firewall. ... unnecessary network resource sharing and resource discovery. ...
    (microsoft.public.windowsxp.general)