netsh advfirewall (Windows 10 - 1709)

  • Question

  • Howdy!
    I can execute the following (as a sample) on Windows Server 2016 without errors:
    netsh advfirewall firewall set rule name=all protocol=tcp new localip=[subnet A],[subnet B],[subnet C]

    That same command against a Windows 10 client, however, burps up the following error:
    "Logical endpoints (trust tuples) cannot be combined with specific addresses or ports."
    ... Followed by some usage guidelines and remarks for the netsh advfirewall command. 

    It appears that functionality in the tool itself is not consistent between client and server versions of Windows. I manage a lot of infrastructure and really need a simple, scriptable, automated way to modify firewall scopes (localip/remoteip) in batches for properties such as tcp or udp rules in new deployments. I am aware that netsh is deprecated in favor of PowerShell, but it is the tool I know and my attempts to get PowerShell versions of this to work have always ended in failure.

    Anyone have some suggestions for how to make this work on Windows 10, netsh or PowerShell?

    Sunday, November 19, 2017 10:02 PM
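
The batch scope change described in the question, written with the NetSecurity cmdlets as an added example (not part of the original post). It applies the new local scope one rule at a time, so a rule that rejects the change is reported instead of aborting the whole batch; the subnets are constructed placeholders and the function name `Set-TcpRuleLocalScope` is hypothetical.

```powershell
# Added example. The subnets are constructed placeholders; substitute your own.
$LocalScopes = @('10.0.1.0/24', '10.0.2.0/24', '10.0.3.0/24')

function Set-TcpRuleLocalScope {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)]
        [string[]]$LocalAddress
    )

    # Select rules by their port filter: only rules whose protocol is TCP.
    $tcpRules = Get-NetFirewallPortFilter |
        Where-Object { $_.Protocol -eq 'TCP' } |
        Get-NetFirewallRule

    foreach ($rule in $tcpRules) {
        $status = 'Skipped'
        $detail = ''
        $action = "Set LocalAddress to $($LocalAddress -join ',')"

        if ($PSCmdlet.ShouldProcess($rule.DisplayName, $action)) {
            try {
                # -ErrorAction Stop turns a per-rule rejection into a catchable error.
                $rule | Set-NetFirewallRule -LocalAddress $LocalAddress -ErrorAction Stop
                $status = 'Updated'
            }
            catch {
                $status = 'Failed'
                $detail = $_.Exception.Message
            }
        }

        # One result object per rule, so failures can be reviewed or exported.
        [pscustomobject]@{
            Name        = $rule.Name
            DisplayName = $rule.DisplayName
            Status      = $status
            Detail      = $detail
        }
    }
}

# Dry run from an elevated session; remove -WhatIf to apply the change.
Set-TcpRuleLocalScope -LocalAddress $LocalScopes -WhatIf |
    Format-Table -AutoSize
```

After a real run, filtering the output on `Status -eq 'Failed'` lists the rules whose scope was left unchanged, together with the error each one returned.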

All replies