Condividi tramite


Frequently Asked Questions

The following questions and answers cover the most frequently encountered Windows Firewall situations.

Question Answer
How is the Windows Firewall MMC snap-in accessed from the command line? Type "mmc WF.msc" to launch the firewall MMC snap-in.
How can the currently active Windows Firewall profile be determined? The simplest way to find out which is the currently active profile is to open the Windows Firewall MMC snap-in and look at the main page visible on startup.
Alternatively, it can also be determined from the command line using "netsh advfirewall>show currentprofile", or by accessing the Windows Firewall section of the Control Panel.
How can it be determined if the firewall is on? Open the Firewall MMC snap-in and look at the main page visible on startup. It shows the firewall state for the Domain, Public and Private profiles.
Alternatively, the status of the firewall can be checked from the command line using "netsh advfirewall>show allprofiles", or by accessing the Windows Firewall section of the Control Panel.
How can inbound filtering be enabled for the firewall? Open the Firewall MMC snap-in and look at the main page visible on startup.
At the bottom of the Overview section, click "Windows Firewall Properties".
For each Domain, Private, and Public profile tab change the firewall state from "Off" to "On (recommended)".
Alternatively, inbound filtering for the firewall can be enabled for all profiles by using the following command: "netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound"
How can the firewall be enabled for a specific adapter? Follow these steps:
  1. Open the Windows Firewall Control Panel.
  2. Click the Windows Firewall Settings link.
  3. Switch to the "Advanced" tab.
  4. The "Network Connections" shows a list of the adapters available on the machine.
  5. Check the box for each adapter where the firewall needs to be enabled.
Traffic that was expected to get blocked (or allowed) did not. What can be done to ensure that expected behavior occurs? Follow the steps below. If at any point you answer "No" to any of the questions, this is where you need to focus your attention to resolve the problem.
Are the following services running? If so, continue.
  • Base Filtering Engine
  • Group Policy Client
  • IKE and AuthIP IPsec Keying Modules
  • IP Helper
  • IPsec
  • Network Location Awareness
  • Windows Firewall
  • Windows Firewall Authorization Driver
  • Network List Service
Is the firewall on? If so, continue.
In a command line window type "Ipconfig".
Get the adapter of the local address you used to receive the connection. This is the adapter you used for your connection.
Is the firewall enabled on the adapter you used for you connection? If so, continue.
  1. Open the Windows Firewall MMC console.
  2. Under "Windows Firewall With Advanced Security", click the "Inbound Rules" node or on the "Outbound Rules" node as appropriate.
  3. By sorting the columns visible in the rule list such as "Program", "Local / Remote Address", "Local/Remote Port", "Protocol", "Direction", find the rules that closely match the connection which should have been handled by the firewall.
  4. For each rule that you have identified as a close candidate, make sure that the following rule attributes are true:
    • The rule is active
    • The rule is configured to block (or allow traffic as appropriate)
    • The rule is referencing the proper program path for the application
    • If the application is a service, make sure that the service list is properly scoped.
    • That the addresses, subnet, ports and protocols are correct for the traffic you want to handle.
    • That the traffic direction is correct.
    • The profiles associated with the rule are missing or incorrect.