Why aint my policy firing?

  • Thread starter Thread starter Grant
  • Start date Start date
G

Grant

In GPMC under 'Computer configuration-Administrative
Templates-Network-Network Connections-Windows Firewall-domain Profile', Im
enabling "define port exceptionss". I need to open a port for Norton Anti
Virus and am using the following string (Dont know if its the correct
format):

"2967:UDP:192.168.200.0/224:enabled:SymenatedAntivirusPort"

I set this yesterday befor going home but when I logged in this morning I
checked my firewall and that port wasn't open.

I havent used this new GPMC much , so could anyone tell me how to get htis
thing to fire? To create it I created a new GPO under the "Group Policy
Object" node in GPMC and then edited it to open that port.



Thanks,

Grant
 
Some further investigation:

Ive just updated Windows firewall GPO with a few other settings like allow
ICMP and file and printer sharing. When I run GPRESULT /V on the local
machine I get a list starting with computer settings. Here is a snippet of
what it contains under "COMPUTER SETTINGS":

-------------------Start Snippet--------------------------------

Administrative Templates
------------------------
GPO: Enable Firewall ports
Setting:
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts
State: Enabled

GPO: Enable Firewall ports
Setting:
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings
State: Enabled

GPO: Enable Firewall ports
Setting:
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings
State: Enabled

-------------------End Snippet---------------------------------


The problem (I think) is that under "USER SETTINGS" I get this:


-------------------Start Snippet--------------------------------

Applied Group Policy Objects
-----------------------------
Default Domain Policy

The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
Enable Firewall ports
Filtering: Not Applied (Empty)

Local Group Policy
Filtering: Not Applied (Empty)

-------------------End Snippet---------------------------------

I have applied this GPO at the domain level - in GPMC i can see the Enable
Firewall ports GPO listed right below the default domain GPO.

The problem is when I restart my machine and check the firewall, those ports
arent enabled?? It must have something to do with that line " Filtering:
Not Applied (Empty)" but I dont know what that means? Can anyone help me
with this?

Thanks,
Grant
 
Back
Top