Re: XP Firewall Quandry

I have seen this request a number of times and have not seen a good
resolution that is easily deployable. I suggest that you also cross post in
the Microsoft wireless and networking newsgroups of which there are two good
ones - sever.networking and windowsxp.network_web. One solution would be to
enable the Windows Firewall in both domain and standard policy. Then if
needed you could select the option to allow exceptions from specific admin
computers such as those that run rsop against the domain computers or use
Computer Management to access and manage. That would leave the domain
computers still functional while protecting the wireless network adapters
from the internet. Enabling the Windows Firewall does not prevent domain
computers/users from logging onto the domain and to access domain
sources. --- Steve



"Remy" <Remy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:DEED63BF-30EF-4A2E-9911-3430AC1D8F67@xxxxxxxxxxxxxxxx
Hopefully someone here will know the answer to this, I have searched the
web
in vain.

I would like to deploy XP firewall to our clients and use for Wireless
connections. I have created a Domain and Standard policy and distrubuted
via
GP.

The domain policy disables the firewall, the Standard enables it. I
understand that when a DC is located the domain policy is applied and when
it
isn't the standard is applied.

Now, here's the problem. If someone connects to a wireless network AND LAN
simultaneously the domain policy is applied to both interfaces - not good.
This effectively provides a free tunnel from an insecure network into our
private one.

It doesn't matter the order in which the network connections are made.

I need to find a way to either apply the domain and standard policies to
separate connections or to disable the Wireless interface if a LAN is
detected, any help would be appreciated. Regardless of the argument on the
merits of the XP Firewall, this is an XP Firewall killer if there isn't a
solution.

regards,
Remy


.

Relevant Pages

  • Re: XP Firewall Quandry
    ... We wish to enable network connections on external private ... enable the Windows Firewall in both domain and standard policy. ... computers such as those that run rsop against the domain computers or use ... The domain policy disables the firewall, ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Disable Group Policy Remotely
    ... Standard you should be able to do this. ... the firewall settings from within control panel across our network. ... override this setting while the computers are off the network. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Domain Policy heritance mismatch
    ... I've defined in my OU some groups to sort my computers. ... have a domain policy. ... XP Firewall and WSUS settings. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Firewall and XP Pro
    ... >>> Why would it only affect some computers. ... >>> to find the firewall enabled policy? ... >> Open Group Policy Management Console & start looking. ... The domain policy at ALL computers is ...
    (microsoft.public.windows.server.sbs)
  • Re: Black,Blue,andBlack again
    ... then me rebooting more times than I can count. ... seriously and have always used ZoneAlarm, ... This way in the past we have been able to stop our computers from being ... We have now tried using another firewall software called Sygate Personal ...
    (microsoft.public.security)