locked
Windows Firewall SNMP exception doesn't appear to work RRS feed

  • Question

  • Hi,

    If I enable SNMP Service as an exception with Windows Firewall on, SNMP still cannot get through. If I add a custom exception with UDP/161, SNMP gets through fine. Is this a bug or am I missing something?
    Wednesday, June 17, 2009 3:30 PM

Answers

  • hi there,

    i have re-produced your setup and scenario. i enabled SNMP on windows 2008 32 bit server. after which i navigated to windows firewall and saw that under


    Inbound rules --snmp service ( udp in ) allowed for all domain , private public profiles

    Inbound rules --snmp service ( udp out) allowed for all domain , private public profiles

    by default snmp will be added to firewall in windows 2008 and will be in enable mode , so if administrators need to disable it they can just go to windows firewall and disable the service.

    sainath !analyze
    Monday, June 29, 2009 7:46 AM
    Moderator

All replies

  • hi there,

    can you please tell us what is the Operating system version you are using ?
    sainath !analyze
    Wednesday, June 17, 2009 5:33 PM
    Moderator
  • 64 bit Windows 2008 Standard SP1
    Friday, June 19, 2009 11:55 AM
  • hi

    this is pretty strange , you mean to say windows firewall is blocking the SNMP traffic by default ?

    one quick suggestion is to re-install the snmp service and check if its behaving in similar way. After you uninstall the snmp service, stop the firewall service and then install the snmp and check.

    You can use the snmputil tool to verify once again the SNMP agent configuration:
    http://support.microsoft.com/kb/323340


    sainath !analyze
    Saturday, June 20, 2009 10:23 AM
    Moderator
  • I just created a brand new 32 bit Windows 2008 VM and enabled the SNMP Service, verified it was working, opened Windows Firewall, looked at the Exceptions tab and SNMP Service was selected - turned on the firewall and it's being blocked just as with the other physical server.
    Monday, June 22, 2009 8:21 PM
  • hi there,

    i have re-produced your setup and scenario. i enabled SNMP on windows 2008 32 bit server. after which i navigated to windows firewall and saw that under


    Inbound rules --snmp service ( udp in ) allowed for all domain , private public profiles

    Inbound rules --snmp service ( udp out) allowed for all domain , private public profiles

    by default snmp will be added to firewall in windows 2008 and will be in enable mode , so if administrators need to disable it they can just go to windows firewall and disable the service.

    sainath !analyze
    Monday, June 29, 2009 7:46 AM
    Moderator