Re: Firewall profile switching
- From: sounddoc <sounddoc@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 29 Jun 2006 11:34:02 -0700
Thanks Steven, that page was helpful!
I had tried a gpupdate /force after connecting to the outside force the
first time around and this second time with no luck, i'm still on the domain
profile. My plan now is to wait some time, as even a release / renew on the
new network doesn't get me to the standard profile.
From that page:
"If the last-received Group Policy update DNS name does not match any of the
connection-specific DNS suffixes of the currently connected connections on
the computer that are not PPP or SLIP-based, then the computer is attached to
another network."
an ipconfig /all shows no trace of my company's DNS suffixes or IPs.
"Windows uses this network determination process during start up and when it
is informed by the Network Location Awareness service that network settings
on the computer have changed."
I guess this is my next step - to see how this works, and what exactly it
does. I'll let everyone know what happens for posterity's sake.
Thanks again!
-Pete
--
======================
http://petekemble.com
"Steven L Umbach" wrote:
The link below helps to explain the network determination behavior though.
there is some dispute on exactly how it works. What I would try after you
remove the computer from the network to run gpupdate /force on the computer
to see if that makes a difference. If that works then do the procedure again
and try using just gpupdate. If gpupdate /force or gpupdate work then if
you need to you can change the Group Policy refresh interval for computer
configuration and policy processing [if needed] that can speed up the
changing of profiles for Windows Firewall with the understanding you want to
do that only for computer that need it as reducing the interval and
particular policy processing to force Group Policy to be reapplied at each
refresh will increase network usage. --- Steve
http://www.microsoft.com/technet/community/columns/cableguy/cg0504.mspx
"sounddoc" <sounddoc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:57F6D6FC-275D-4FA4-BC8B-D68687FBB617@xxxxxxxxxxxxxxxx
Hello all,
I'm currently testing a GPO to hopefully go live that will enable /
disable
the windows firewall depending on the location of our users. The GPO
itself
is fine - what i'm having trouble with is switching profiles
automatically.
If I boot off the network, then the standard profile is applied just fine.
once i connect to the network the domain profile is applied almost
immediately. the problem is though, that once i disconnect again from the
network, the domain profile stays current. even when i connect to an
outside
network, the domain profile stays active. is this supposed to happen? am i
not waiting long enough for the profile to switch back to standard?
thanks very much!
-Pete
--
======================
http://petekemble.com
- References:
- Re: Firewall profile switching
- From: Steven L Umbach
- Re: Firewall profile switching
- Prev by Date: Minimum Password Length in LSP
- Next by Date: Re: password migration
- Previous by thread: Re: Firewall profile switching
- Next by thread: Minimum Password Length in LSP
- Index(es):
Relevant Pages
|
|
