locked
How can I edit firewall rules inside Local Group Policy GPO using powershell? RRS feed

  • Question

  • Hi
    In the past I used netsh, for example:

    netsh
    advfirewall set store gpo=vme-pc
    advfirewall firewall add rule dir=out name="Ping" profile=any enable=Yes action=Allow protocol=ICMPv4
    

    Where vme-pc is my default local Win10 PC domain. There is no domain controller, just a standalone Win10 with default config. I never executed new-gpo.
    This rule added by netsh does appear in Local Group Policy Editor under Local Computer Policy / Computer Configuration / Windows Settings / Security Settings /Windows Defender Firewall.

    But now netsh threatens to remove this functionality soon and urges to use PowerShell NetSecurity instead.
    I cannot figure out what -PolicyStore should I specify for New-NetFirewallRule or Open-NetGPO to access local group policy.
    I tried all possible values from
    https://docs.microsoft.com/en-us/powershell/module/netsecurity/new-netfirewallrule?view=win10-ps
    https://docs.microsoft.com/en-us/powershell/module/netsecurity/open-netgpo?view=win10-ps
    https://social.technet.microsoft.com/Forums/en-US/b8dae501-7f42-473a-8883-3f46d788a844/how-can-i-edit-firewall-rules-inside-of-a-gpo-using-powershell?forum=winserverpowershell
    but nothing works.
    Thank you

    Sunday, July 19, 2020 1:53 AM

All replies

  • MS is not removing the functionality and it has not been added to PowerShell directly. Wait for the newer modules to be released.


    \_(ツ)_/

    Sunday, July 19, 2020 3:31 AM