Windows Firewall with netsh and services.msc RRS feed

  • Question

  • I've been playing around netsh and modifying the Windows Firewall configuration.  I've ran into some odd behavior (possibly due to my lack of understanding in specific areas).  When using the command


    netsh firewall set opmode disable


    Windows Firewall becomes disabled based on the status in the Control Panel applet as well as the Windows Firewall with Advanced Security snap-in (wf.msc).  As a basic test, I'm able to ping the machine from another location (the Vista Enterprise machine is essentially an out-of-the-box config).


    However, simply stopping the Windows Firewall service from the Services snap-in (services.msc) and not using the CLI results in ICMP still being dropped.  There's apparently a difference in the way the service itself behaves vs. when the operational mode is changed via netsh.  I'm assuming this has something to do with how these components are layered on top of each other in the architecture.  Am I missing something obvious?

    Friday, May 25, 2007 11:14 PM