locked
Allow inbound file and printer sharing doesn't allow me to ping RRS feed

  • Question

  • Hello,
    I'm setting up Windows Firewall exceptions through Group Policy.
    The policy setting are applied successfully.
    I enabled (allowed) the inbound file and printer sharing exception.
    I only allow this on computers of my local subnet (scope).
    Normally this should open TCP 445 and would allow me to ping computers on my subnet.

    This works fine for XP computers but not for Windows Vista computers.
    If allow the ICMP exception 'Allow inbound echo request' ping works fine.
    But I don't want to do that because you can't define a scope in this policy.

    Any ideas how I can allow ping for Vista for a scope of ip addresses?
    Monday, November 16, 2009 4:32 PM

Answers

All replies

  • Hi,

     

    Thank you for your post.

     

    Firstly, may I know the following?

     

    1.    The version of your server, Windows Server 2003 or Windows Server 2008?

     

    2.    The detail steps you create the firewall related Group Policy.

     

    In addition, as I know, in Windows Firewall with Advanced Security or the related Group Policy settings, there is a scope option for the rules.

     

    Configuring Scope Settings

    http://technet.microsoft.com/en-us/library/cc781515(WS.10).aspx

     

    Firewall Rule Wizard: Scope Page

    http://technet.microsoft.com/en-us/library/dd448558(WS.10).aspx

     

    As you said “you can't define a scope in this policy.”, please give us more information about this.

     

    Thanks.

     

    Nicholas Li

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com.


    Nicholas Li - MSFT
    • Marked as answer by Bart Lemmens Friday, November 27, 2009 6:21 AM
    Wednesday, November 18, 2009 6:43 AM
    Moderator
  •  

    I just want to say hi and see how this is going. I would appreciate it if you could drop me a note to let me know if you have any questions or concerns with the information I provided. If so, please feel free to let me know. I am happy to be of assistance. :)

     

    Thanks!

     

    Nicholas Li

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com.


    Nicholas Li - MSFT
    Monday, November 23, 2009 3:45 AM
    Moderator
  • Hi Nicholas,

    thanks for your reply. Here's the information you asked for:

    1. I have a mixed environment PDC runs Windows Server 2003 R2, two additional domain controllers run Windows Server 2008
    While checking in noticed that my domain functional level is Windows Server 2003, Forest functional level is Windows 2000

    2. I made a seperate Vista Computer Policy and linked it to the correct OU. The policy is applied correctly to all comuters in the OU.
    For managing the group policies I installad Remote Administration Tools on a Vista Workstation.
    Policies are managed through Group Policy Management console.

    Policy is set in

    \\Computer Configuration\Policies\Administrative Templates\Network\Network Connections\Windows Firewall\Domain Profile

    I enabled 'Allow inbound file and printe sharing exception' for my local subnet.

    ----------------------------------

    So it seems that I was looking in the wrong place.
    I'm going to to set the exception in the Windows Firewall with Advaced Security policy.


    Thanks a lot for your help.
    • Marked as answer by Bart Lemmens Friday, November 27, 2009 6:21 AM
    • Unmarked as answer by Bart Lemmens Friday, November 27, 2009 6:21 AM
    Monday, November 23, 2009 11:02 AM