- Group Policy enforcing firewall
- Posted by Zeb on October 21st, 2005
A couple of days ago, my bittorrent client stopped working. It turned out
that the built in XP firewall ( I have sp2 on home ) had been activated.
So I opened the firewall tool in the control panel and the options were non
clickable, i could not click the turn it off.
At the top it says "For safety reasons some settings are controlled by a
group policy".
I thought it was a virus so I ran NOD32, deep scan with full heurestics on,
nothing was found.
I've been looking on microsoft support but i cant find anything, the only
thing that i think would help is the group policy editor console. It only
works on xp professional and I have home.
What could have caused this? How would I be able to disable the policies /
disable the firewall?
Thanks in advance
- Posted by Ramesh, MS-MVP on October 21st, 2005
When you open (or 'run') firewall.cpl, does it read as "For your security,
some settings are controlled by Group Policy" at the top of the applet? If
that's the case, try this:
For Windows XP Home Edition:
---------------------------------
Open Regedit.exe and navigate to:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\DomainProfil*e
(and)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\StandardProf*ile
In the right-pane, delete the "EnableFirewall" value.
Close Regedit.exe and restart Windows.
For Windows XP Professional:
-------------------------------
From Start/Run, type Gpedit.msc and navigate to:
Computer Configuration
=> Administrative Templates
=> System
=> Network
=> Network Connections
=> Windows Firewall
=> Standard Profile
Set the following options to "Not Configured" (defaults)
Windows Firewall: Protect all network connections
Windows Firewall: Do not allow exceptions
Windows Firewall: Define program exceptions
Windows Firewall: Allow local program exceptions
Windows Firewall: Allow remote administration exception
Windows Firewall: Allow file and printer sharing exception
Windows Firewall: Allow ICMP exceptions
Windows Firewall: Allow Remote Desktop exception
Windows Firewall: Allow UPnP framework exception
Windows Firewall: Prohibit notifications
Windows Firewall: Allow logging
Windows Firewall: Prohibit unicast response to multicast or broadcast
requests
Windows Firewall: Define port exceptions
Windows Firewall: Allow local port exceptions
--
Ramesh, Microsoft MVP
Windows XP Shell/User
Windows XP Troubleshooting
http://www.winhelponline.com
"Zeb" <Zeb@discussions.microsoft.com> wrote in message
news:C33B83C6-5CE9-4CB8-A7FF-8D94946CE747@microsoft.com...
>A couple of days ago, my bittorrent client stopped working. It turned out
> that the built in XP firewall ( I have sp2 on home ) had been activated.
> So I opened the firewall tool in the control panel and the options were
> non
> clickable, i could not click the turn it off.
> At the top it says "For safety reasons some settings are controlled by a
> group policy".
> I thought it was a virus so I ran NOD32, deep scan with full heurestics
> on,
> nothing was found.
>
> I've been looking on microsoft support but i cant find anything, the only
> thing that i think would help is the group policy editor console. It only
> works on xp professional and I have home.
>
> What could have caused this? How would I be able to disable the policies /
> disable the firewall?
> Thanks in advance
- Posted by Zeb on October 21st, 2005
Thank you! That did it. I can now turn the firewall off in firewall.cpl, the
options arent greyed out anymore. However the group policy notification is
still there.
- Posted by Ramesh, MS-MVP on October 21st, 2005
No idea what causes that notification. BTW, running without an internet
firewall is very risky.
--
Ramesh, Microsoft MVP
Windows XP Shell/User
Windows XP Troubleshooting
http://www.winhelponline.com
"Zeb" <Zeb@discussions.microsoft.com> wrote in message
news:C0FCDDC2-E400-426D-BB55-89F9B3280D0E@microsoft.com...
> Thank you! That did it. I can now turn the firewall off in firewall.cpl,
> the
> options arent greyed out anymore. However the group policy notification is
> still there.
- Posted by Zeb on October 21st, 2005
Oh I use a hardware firewall, having a software one is just alot of trouble.
Thanks again
"Ramesh, MS-MVP" wrote:
> No idea what causes that notification. BTW, running without an internet
> firewall is very risky.
>
> --
> Ramesh, Microsoft MVP
> Windows XP Shell/User
>
> Windows XP Troubleshooting
> http://www.winhelponline.com
>
>
> "Zeb" <Zeb@discussions.microsoft.com> wrote in message
> news:C0FCDDC2-E400-426D-BB55-89F9B3280D0E@microsoft.com...
> > Thank you! That did it. I can now turn the firewall off in firewall.cpl,
> > the
> > options arent greyed out anymore. However the group policy notification is
> > still there.
>
>
- Posted by Ramesh, MS-MVP on October 21st, 2005
Can you export these two keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\DomainProfil*e
(and)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\StandardProf*ile
--
Ramesh, Microsoft MVP
Windows XP Shell/User
Windows XP Troubleshooting
http://www.winhelponline.com
"Zeb" <Zeb@discussions.microsoft.com> wrote in message
news:0986A064-C844-47A0-8CA7-2D55D46C8D51@microsoft.com...
> Oh I use a hardware firewall, having a software one is just alot of
> trouble.
> Thanks again
>
> "Ramesh, MS-MVP" wrote:
>
>> No idea what causes that notification. BTW, running without an internet
>> firewall is very risky.
>>
>> --
>> Ramesh, Microsoft MVP
>> Windows XP Shell/User
>>
>> Windows XP Troubleshooting
>> http://www.winhelponline.com
>>
>>
>> "Zeb" <Zeb@discussions.microsoft.com> wrote in message
>> news:C0FCDDC2-E400-426D-BB55-89F9B3280D0E@microsoft.com...
>> > Thank you! That did it. I can now turn the firewall off in
>> > firewall.cpl,
>> > the
>> > options arent greyed out anymore. However the group policy notification
>> > is
>> > still there.
>>
>>
- Posted by Zeb on October 21st, 2005
They both have nothing but (Standard) in them, type REG_SZ and no data
"Ramesh, MS-MVP" wrote:
> Can you export these two keys:
>
> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\DomainProfilÂ*e
> (and)
> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dowsFirewall\StandardProfÂ*ile
>
> --
> Ramesh, Microsoft MVP
> Windows XP Shell/User
>
> Windows XP Troubleshooting
> http://www.winhelponline.com
>
>
> "Zeb" <Zeb@discussions.microsoft.com> wrote in message
> news:0986A064-C844-47A0-8CA7-2D55D46C8D51@microsoft.com...
> > Oh I use a hardware firewall, having a software one is just alot of
> > trouble.
> > Thanks again
> >
> > "Ramesh, MS-MVP" wrote:
> >
> >> No idea what causes that notification. BTW, running without an internet
> >> firewall is very risky.
> >>
> >> --
> >> Ramesh, Microsoft MVP
> >> Windows XP Shell/User
> >>
> >> Windows XP Troubleshooting
> >> http://www.winhelponline.com
> >>
> >>
> >> "Zeb" <Zeb@discussions.microsoft.com> wrote in message
> >> news:C0FCDDC2-E400-426D-BB55-89F9B3280D0E@microsoft.com...
> >> > Thank you! That did it. I can now turn the firewall off in
> >> > firewall.cpl,
> >> > the
> >> > options arent greyed out anymore. However the group policy notification
> >> > is
> >> > still there.
> >>
> >>
>
>
- Posted by Zeb on October 21st, 2005
Ugh, somehow the built in windows firewall is still blocking the ports I need
to have open, I tried enabling the firewall and opening the ports but no go.
It still didnt work.
How do I get rid of these awful group policies? Im in a small home network,
3 computers.
- Posted by Ramesh, MS-MVP on October 21st, 2005
Zeb,
You have me on that point. I don't know what other settings are causing
this, but will look into this.
--
Ramesh, Microsoft MVP
Windows XP Shell/User
Windows XP Troubleshooting
http://www.winhelponline.com
"Zeb" <Zeb@discussions.microsoft.com> wrote in message
news:B4A79828-7DC6-484E-984A-319B7134B5A9@microsoft.com...
> Ugh, somehow the built in windows firewall is still blocking the ports I
> need
> to have open, I tried enabling the firewall and opening the ports but no
> go.
> It still didnt work.
> How do I get rid of these awful group policies? Im in a small home
> network,
> 3 computers.
- Posted by S. Taylor on October 21st, 2005
Until you figure out the issues mentioned in your later posts,
have you tried setting the app and it's need ports as exclusions?
"Zeb" <Zeb@discussions.microsoft.com> wrote in message
news:C33B83C6-5CE9-4CB8-A7FF-8D94946CE747@microsoft.com...
>A couple of days ago, my bittorrent client stopped working. It turned out
> that the built in XP firewall ( I have sp2 on home ) had been activated.
> So I opened the firewall tool in the control panel and the options were
> non
> clickable, i could not click the turn it off.
> At the top it says "For safety reasons some settings are controlled by a
> group policy".
> I thought it was a virus so I ran NOD32, deep scan with full heurestics
> on,
> nothing was found.
>
> I've been looking on microsoft support but i cant find anything, the only
> thing that i think would help is the group policy editor console. It only
> works on xp professional and I have home.
>
> What could have caused this? How would I be able to disable the policies /
> disable the firewall?
> Thanks in advance
