Forum Discussion
Intune Firewall Policies Left Behind - Creation but No Deletion
https://call4cloud.nl/2020/07/the-windows-firewall-rises/#part7
Rudy_Ooms_MVP thanks, Rudy. I'm setting them through Endpoint Security > Microsoft Defender Firewall rules.
I assigned a test rule this morning, it synced to the firewall then I removed it but it's still in the firewall.
I'm using Windows 10 LTSC 1809. Wonder if this is an issue that was fixed in later builds?
Hi... So far as I know the tattoeing issue changed with version 1903...
Intune and the Device Configuration Profile Tattooing issue (call4cloud.nl)
So .... I guess ltsc 1903 isn't going to work- Found this because I ran into the same problem. The test machine is a Windows 11 23H2.
Created a test rule to block Firefox outbound traffic. It worked.
Changed the rule to allow and it did what it was supposed to.
Deleted the rule from Intune, it's still tattooed in the Defender firewall.
Possible something else changed? this is going to make it a bit more difficult to test rules before deploying them to production.It's the same for me and I'm on Windows 11 24H2.
Created rule to allow RDP from all networks and then deleted the rule from Intune but it stayed on the device :(
Later I created a another allow RDP rule but only from certain remote networks. Now both are on the device and it still works from any network.
At least for the test device I can workaround it, be deleting the corresponding regkeys under Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\Mdm\FirewallRules
