Windows Server 2008 Thread, Disable Domain Firewall in Technical; Hey,
I've just set up a Server 2008 R2 x64 member server on our domain (fully joined correctly), and I ...
15th December 2011, 03:38 PM #1
- Rep Power
Disable Domain Firewall
I've just set up a Server 2008 R2 x64 member server on our domain (fully joined correctly), and I can't ping it because the firewall is enabled. I have disabled the firewall for public and private networks. But I cannot disable the domain firewall. The server is subject to no domain policies, except the default domain policy, which isn't configured anyway.
I have tried "netsh advfirewall domainprofile state off" command, but that didn't work. I get "Access Denied", despite using the domain admin account, and using CMD in administrator mode.
If I try to edit it through Control Panel > Firewall Settings, it just doesn't accept the changes. No error messages, it just doesn't apply the changes or reverts back to its default.
Last edited by CHiLL; 15th December 2011 at 04:05 PM.
17th December 2011, 04:42 PM #2
Can you stop the firewall service?
Or set a group policy to disable the domain firewall for you.
17th December 2011, 05:07 PM #3
Why would you want to disable the firewall?
17th December 2011, 06:18 PM #4
You could simply allow pings, while keeping the firewall enabled.
Originally Posted by CHiLL
netsh advfirewall firewall add rule name="ICMP Allow Incoming v4 Echo Request" protocol=icmpv4:8,any dir=in action=allow
18th December 2011, 03:35 PM #5
- Rep Power
I could, but Microsoft say that can cause problems with other services that depend on the Firewall services. (Can't remember which)
Originally Posted by ihaveaproblem
Because that's how all our other servers are set up (not by myself). This is a test environment, and I wanted to simulate the real one as much as possible.
Originally Posted by plexer
I'll try that, thanks.
Originally Posted by Arthur
18th December 2011, 03:42 PM #6
Your servers make baby security jesus cry
Firewalls are there for a reason, so many worms etc. would have been prevented if people left them enabled.
Arthur's way is the right one, only open up what you need. Most of the services open up what they need by default anyway which leaves you with a much more robust server in the end.
Last edited by SYNACK; 18th December 2011 at 03:45 PM.
By Tricky_Dicky in forum Internet Related/Filtering/Firewall
Last Post: 3rd November 2010, 03:44 PM
By Halfmad in forum Windows
Last Post: 23rd February 2010, 04:54 PM
By Kyle in forum How do you do....it?
Last Post: 25th September 2006, 06:51 PM
By tarquel in forum Wireless Networks
Last Post: 27th July 2006, 09:42 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)