+ Post New Thread
Results 1 to 6 of 6
Windows Server 2008 Thread, Disable Domain Firewall in Technical; Hey, I've just set up a Server 2008 R2 x64 member server on our domain (fully joined correctly), and I ...
  1. #1

    Join Date
    Nov 2010
    Location
    Birmingham, UK
    Posts
    179
    Thank Post
    10
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Disable Domain Firewall

    Hey,

    I've just set up a Server 2008 R2 x64 member server on our domain (fully joined correctly), and I can't ping it because the firewall is enabled. I have disabled the firewall for public and private networks. But I cannot disable the domain firewall. The server is subject to no domain policies, except the default domain policy, which isn't configured anyway.

    I have tried "netsh advfirewall domainprofile state off" command, but that didn't work. I get "Access Denied", despite using the domain admin account, and using CMD in administrator mode.

    If I try to edit it through Control Panel > Firewall Settings, it just doesn't accept the changes. No error messages, it just doesn't apply the changes or reverts back to its default.
    Last edited by CHiLL; 15th December 2011 at 04:05 PM.

  2. #2

    Join Date
    Jun 2010
    Location
    England
    Posts
    735
    Thank Post
    89
    Thanked 52 Times in 46 Posts
    Rep Power
    35
    Can you stop the firewall service?
    Or set a group policy to disable the domain firewall for you.

  3. #3

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,630
    Thank Post
    734
    Thanked 1,692 Times in 1,506 Posts
    Rep Power
    434
    Why would you want to disable the firewall?

    Ben

  4. #4


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,474
    Thank Post
    246
    Thanked 2,838 Times in 2,095 Posts
    Rep Power
    817
    Quote Originally Posted by CHiLL View Post
    I can't ping it because the firewall is enabled.
    You could simply allow pings, while keeping the firewall enabled.

    Code:
    netsh advfirewall firewall add rule name="ICMP Allow Incoming v4 Echo Request" protocol=icmpv4:8,any dir=in action=allow

  5. #5

    Join Date
    Nov 2010
    Location
    Birmingham, UK
    Posts
    179
    Thank Post
    10
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by ihaveaproblem View Post
    Can you stop the firewall service?
    Or set a group policy to disable the domain firewall for you.
    I could, but Microsoft say that can cause problems with other services that depend on the Firewall services. (Can't remember which)

    Quote Originally Posted by plexer View Post
    Why would you want to disable the firewall?

    Ben
    Because that's how all our other servers are set up (not by myself). This is a test environment, and I wanted to simulate the real one as much as possible.



    Quote Originally Posted by Arthur View Post
    You could simply allow pings, while keeping the firewall enabled.

    Code:
    netsh advfirewall firewall add rule name="ICMP Allow Incoming v4 Echo Request" protocol=icmpv4:8,any dir=in action=allow
    I'll try that, thanks.

  6. #6

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,247
    Thank Post
    882
    Thanked 2,745 Times in 2,319 Posts
    Blog Entries
    11
    Rep Power
    785
    Your servers make baby security jesus cry

    Firewalls are there for a reason, so many worms etc. would have been prevented if people left them enabled.

    Arthur's way is the right one, only open up what you need. Most of the services open up what they need by default anyway which leaves you with a much more robust server in the end.
    Last edited by SYNACK; 18th December 2011 at 03:45 PM.



SHARE:
+ Post New Thread

Similar Threads

  1. Domain/Standard profile firewall question
    By Tricky_Dicky in forum Internet Related/Filtering/Firewall
    Replies: 1
    Last Post: 3rd November 2010, 03:44 PM
  2. Replies: 1
    Last Post: 23rd February 2010, 04:54 PM
  3. Windows XP SP2 firewall policies on Domain
    By Kyle in forum How do you do....it?
    Replies: 16
    Last Post: 25th September 2006, 06:51 PM
  4. Two domains - Comunication through a firewall prob
    By tarquel in forum Wireless Networks
    Replies: 10
    Last Post: 27th July 2006, 09:42 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •