Joined on 02-16-2005
TechSoup Member
I've been looking for a while but cannot seem to find how to add port exceptions in windows firewall on all my client machines (Windows XP SP2) from Server2003. It would definitely be a big pain to go to all of the machines separately. I appreciate any help.
Happy Thanksgiving, everyone!
You mean through Group Policies or by manually changing settings from the server? You can set up group policies to allow programs etc from the server...you can also use the remote desktop to do it the long way.
If all the machines are to be set up the same use GP's, if they are different use remote desktop and plan on a day of configuring systems.
Group Policy Locations
Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall.
Joined on 02-16-2005
TechSoup Member
Thanks for the replies. Your instructions have gotten me to the right place, and I'm in the GPO editor at the following location:
Computer Configuration > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile
But I do not have any option that allows me to "Define port exceptions" or "Define program exceptions".
Am I missing something?
(I'm using SBS 2003, specifically)
I think Rog pointed out the article that may suite your needs? See Using Netfw.inf. This can be deployed to all machines via scripting.
Alternative is ISA firewall config for ports and port running applications.
Along with Rog's article this article should have everything you need for scripting application and port exceptions from the DC. ~ Excellent Post!
Scripting XP2
Thats odd.
I am also running SBS 2003 and I see those options in both the Domain and Standard Profiles. Under the "Default Domain Policy".