RE: Turning on the firewall via a GPO

From: Tom Che [MSFT] (v-tomche_at_online.microsoft.com)
Date: 05/03/05

  • Next message: Jonas Haggren: "Limit bandwidth" 
    Date: Tue, 03 May 2005 09:31:45 GMT

    Hi Harrison,

    Thanks for posting here. Also thank the other customer's reply.

    >From your post, my understanding of your concern is: You want to know how
    to configure the Windows Firewall to allow user to turn off the Firewall,
    but itself will turn on after next restarting. If this is not correct,
    please feel free to let me know.

    Although there isn't a proper simple policy with GPO to do this, we still
    can complete this by Script:

    1. Edit a script which can run the following command:

    netsh firewall set opmode enable

    Above command will turn on the Windows Firewall

    For more information about this command, please refer to the following
    document:

    Deploying Windows Firewall Settings for Microsoft Windows XP with Service
    Pack 2
    http://download.microsoft.com/download/6/8/a/68a81446-cd73-4a61-8665-8a67781
    ac4e8/wf_xpsp2.doc

    2. Add the script file to Domain Default GPO as Computer Startup or/and
    Shutdown Scripts

    For more information about how to write script and GPO Startup/Shutdown
    Scripts, please refer to the following Microsoft Web site:

    Script Center
    http://www.microsoft.com/technet/community/scriptcenter/default.mspx
     
    Windows 2000 Computer Startup Scripts:
    http://www.microsoft.com/technet/prodtechnol/windows2000serv/maintain/optimi
    ze/startw2k.asp?frame=true

    Active Directory Services and Group Policy in Windows Server 2003:
    http://www.microsoft.com/israel/events/downloads/ws2003event/Active_Director
    y.ppt

    Hope this helps!

    Have a nice day!

    Sincerely,
    Tom Che
    Microsoft Online Partner Support

    Get Secure! - www.microsoft.com/security
    =====================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    =====================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    >Thread-Topic: Turning on the firewall via a GPO
    >thread-index: AcVPZp7a56Usv23ORUKE40cVRr7WNg==
    >X-WBNR-Posting-Host: 83.78.3.187
    >From: "=?Utf-8?B?RGVzbW9uZCBMZWU=?=" <mcp@donotspamplease.mars>
    >References: <OTk5#Y1TFHA.544@TK2MSFTNGP15.phx.gbl>
    >Subject: RE: Turning on the firewall via a GPO
    >Date: Mon, 2 May 2005 15:31:02 -0700
    >Lines: 27
    >Message-ID: <49F889A8-125C-430F-8A6D-3FB743D47DBD@microsoft.com>
    >MIME-Version: 1.0
    >Content-Type: text/plain;
    > charset="Utf-8"
    >Content-Transfer-Encoding: 7bit
    >X-Newsreader: Microsoft CDO for Windows 2000
    >Content-Class: urn:content-classes:message
    >Importance: normal
    >Priority: normal
    >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    >Newsgroups: microsoft.public.windowsxp.security_admin
    >NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
    >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
    >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsxp.security_admin:45766
    >X-Tomcat-NG: microsoft.public.windowsxp.security_admin
    >
    >Check out:
    >
    > http://www.microsoft.com/technet/community/columns/cableguy/cg0204.mspx
    >
    >and the useful links at end of that article.
    >
    >Do let us know if it helps. Thanks.
    >
    >
    >"Harrison Midkiff" wrote:
    >
    >> Hello:
    >>
    >> I have been working on getting my network ready for WinXP SP2. The
    firewall
    >> is the big thing for me. I have found the GPO that allows me to turn the
    >> firewall on, but when I do that the user can not turn it off if they
    choose
    >> to. Ideally I want the firewall configured so it will be on everytime
    the
    >> user restarts there computer. They can turn it off, but when the
    computer
    >> reboots the firewall will be back on again.
    >>
    >> Does any know if I can configure it this way?
    >>
    >> Harrison Midkiff
    >>
    >>
    >>
    >>
    >

  • Next message: Jonas Haggren: "Limit bandwidth"

    Relevant Pages

    • RE: Internet Explorer cannot display the web page
      ... "daviedoug" wrote: ... My wife's is connected via the Network. ... Firewall off and done the installation?. ... I don't know what you mean with windows Firewall, ...
      (microsoft.public.windowsxp.help_and_support)
    • Re: Setup Error when connecting Xbox 360 to MCE2005 PC
      ... Attempt to add your Xbox 360 again via the Media Center Extender Manager ... but receive the Setup Error (stating problems with the firewall ... Microsoft KB911728 for opening ports and allowing traffic to/from XBox ... Unable to open ports in the Windows firewall. ...
      (microsoft.public.windows.mediacenter)
    • Re: Outpost firewall wont run
      ... the Windows Firewall in XP does a fantastic job ... Deconstructing Common Security Myths. ... Don't fall for software applications touted in publications relying on ...
      (microsoft.public.windowsxp.help_and_support)
    • Re: Firewall =?ISO-8859-15?Q?f=FCr_Netbook=3F?=
      ... "Windows Firewall" bezeichnet wird und nicht in einen Topf mit PFWs ... Artikel über Personal Firewall. ... Aktionsmöglichkeiten abdecken will und das ONU auch noch klarmachen ...
      (microsoft.public.de.german.windowsxp.networking)
    • Re: XP Firewall Disabled - Help!
      ... Whern I install the SP1 tonight it ... Possibly some process is still doing changes to the registry. ... It says firewall is turned off. ... Find the Windows Firewall Service and make sure that the startup ...
      (microsoft.public.windowsxp.security_admin)