Windows Firewall custom rule blocks more than it should

  • Question

  • Hi,

    I have the following network setup on Windows 8 embedded:

    Using 2 different network ports on one computer I have:

    Network 1: computer A and B (IP 11.222.3.44)

    Network 2: computer B (IP 192.168.2.111) and C


    All computers have the same firewall settings. 

    - Firewall = ON

    - Inbound connections = Allow

    - Outbound connections = Allow 

    In addition I have 1 rule on computer B which blocks all inbound connections from computer C:

    - Rule Type: Custom

    - Program: All programs

    - Protocol and ports: Protocol=Any, Local ports=All, Remote ports=All

    - Scope: Local IP range = 192.168.2.111, Remote IP range = All

    - Action: Block

    - Profile: Domain + Private + Public

    The problem I'm experiencing is that this rule blocks some traffic between computers A and B!

    Example: I can ping B from A, but not B from C which is the way it's supposed to work.

    But I cannot run this command from computer A:

    WMIC /node:ComputerB process call create "sc stop servicename"

    Then I get an RPC could not be reached error. If I disable the rule the command will work perfectly.


    NB: If someone wonders what the WMIC command does, it will execute a command on Computer B remotely.

    I know I can call "sc \\ComputerB stop servicename" directly. It's just used as an example. 

    I just cannot see why that rule would interfere with traffic from computer A...

    Does anybody understand what is going on and can explain this to me?

    PS: I have found a workaround to this problem. I can remove that custom rule or disable Windows firewall completely and use the Local Security Policy Editor (secpol.msc) and add a very similar rule there. That works, but I would prefer to get this working with the firewall.

    BR,

    Leifster

    • Moved by Joy-Qiao Wednesday, October 31, 2018 7:31 AM
    Tuesday, October 30, 2018 8:16 AM
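
One way to see which inbound packets fall inside the scope of the block rule described in the question, as an added example that is not part of the original post: with dropped-packet logging enabled on computer B, the script parses pfirewall.log records and counts the DROP entries whose local address is 192.168.2.111, grouped by sender. The log lines are constructed, and the addresses used for computer A (11.222.3.40) and computer C (192.168.2.120) are assumptions, since the post does not give them.

```python
import ipaddress
from collections import Counter

# Field order from the "#Fields:" header that Windows Firewall writes to pfirewall.log.
FIELDS = ("date time action protocol src-ip dst-ip src-port dst-port size "
          "tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path").split()

# Address scope of the block rule exactly as described in the post.
RULE_LOCAL = ipaddress.ip_network("192.168.2.111/32")
RULE_REMOTE = None  # "Remote IP range = All"

# Constructed sample log; 11.222.3.40 (A) and 192.168.2.120 (C) are assumed addresses.
SAMPLE_LOG = """\
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2018-10-30 08:01:10 DROP ICMP 192.168.2.120 192.168.2.111 - - 60 - - - - 8 0 - RECEIVE
2018-10-30 08:01:15 ALLOW ICMP 11.222.3.40 11.222.3.44 - - 60 - - - - 8 0 - RECEIVE
2018-10-30 08:02:03 DROP TCP 11.222.3.40 192.168.2.111 49712 135 52 S 1203944 0 8192 - - - RECEIVE
2018-10-30 08:02:09 ALLOW TCP 11.222.3.40 11.222.3.44 49713 445 52 S 2203944 0 8192 - - - RECEIVE
"""

def parse(log_text):
    """Yield one dict per log record, skipping header, blank and malformed lines."""
    for line in log_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) != len(FIELDS):
            continue  # truncated or malformed record
        yield dict(zip(FIELDS, parts))

def in_rule_scope(rec):
    """True if an inbound record falls inside the block rule's address scope."""
    local = ipaddress.ip_address(rec["dst-ip"])   # inbound: local address is the destination
    remote = ipaddress.ip_address(rec["src-ip"])
    return (rec["path"] == "RECEIVE" and local in RULE_LOCAL
            and (RULE_REMOTE is None or remote in RULE_REMOTE))

def drops_in_scope(log_text):
    """Count dropped inbound packets in the rule's scope by (source, protocol, dst port)."""
    hits = Counter()
    for rec in parse(log_text):
        if rec["action"] == "DROP" and in_rule_scope(rec):
            hits[(rec["src-ip"], rec["protocol"], rec["dst-port"])] += 1
    return hits

if __name__ == "__main__":
    for (src, proto, port), n in sorted(drops_in_scope(SAMPLE_LOG).items()):
        print(f"{n} dropped: {src} -> 192.168.2.111 {proto} port {port}")
```
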

All replies