Hotspot through Windows Defender Firewall
I would like to know ALL ports and protocols, services, etc... that need to be whitelisted for hotspot to work with windows defender firewall. Or otherwise the baseline/recommended procedure I have tested to enable the below so far: Inbound/Outbound: UDP:67,68,53, 5355 TCP:443,80, 53 ICMP4/6: protocols 1/58 Types and codes: 0/8 Services: icssvc I still get drop events here and there in Windows Defender firewall logs for ports 80/ICMP, etc...... Any Idea what could be the reason and what is the best way to set this up to allow hotspot access from the device.Firewall Off despite policy being enabled
In Firewall and network protection, It says Firewall is off for all Network types. However it should be on. Is this normal/expected? However, In Sec. providers, Firewall is enabled. ========== In PS, Firewall appears to be enabled too. C:\Windows\System32>netsh advfirewall Show allprofiles Domain Profile Settings: ---------------------------------------------------------------------- State ON Firewall Policy BlockInbound,AllowOutbound LocalFirewallRules N/A (GPO-store only) LocalConSecRules N/A (GPO-store only) InboundUserNotification Enable RemoteManagement Disable UnicastResponseToMulticast Enable Logging: LogAllowedConnections Disable LogDroppedConnections Disable FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log MaxFileSize 4096 Private Profile Settings: ---------------------------------------------------------------------- State ON Firewall Policy BlockInbound,AllowOutbound LocalFirewallRules N/A (GPO-store only) LocalConSecRules N/A (GPO-store only) InboundUserNotification Enable RemoteManagement Disable UnicastResponseToMulticast Enable Logging: LogAllowedConnections Disable LogDroppedConnections Disable FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log MaxFileSize 4096 Public Profile Settings: ---------------------------------------------------------------------- State ON Firewall Policy BlockInbound,AllowOutbound LocalFirewallRules N/A (GPO-store only) LocalConSecRules N/A (GPO-store only) InboundUserNotification Enable RemoteManagement Disable UnicastResponseToMulticast Enable Logging: LogAllowedConnections Disable LogDroppedConnections Disable FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log MaxFileSize 4096 Ok. =========== In the Intune Firewall Policy the three options are enabled:
Creating virtual Azure environment for teams toolkit VS code for teams toolkit.
Hi everyone, I am working on a project to create a teams bot app for my institute. I am using Teams Toolkit for VS code, and I have MS 365 app upload permission allocated. I was trying to create " https://github.com/OfficeDev/Microsoft-Teams-Samples/tree/main/samples/bot-conversation-sso-quickstart/js" using Teams Toolkit. However, after debugging the app with option of 'Debug in Edge' or 'Debug in Chrome' I faced issue with devtunnel, that the devtunnel is unable to create tunnel service use 'Test Tool' Instead. I communicated same issue with my team and came to know that firewall is blocking any tunneling service in our tenant. Then, my IT Admin suggested to create a Shared Virtualized Environment in Azure in which I should develop and deploy app for testing and production. Now I am quite confused about how to do this, because teams toolkit for VS code is installed on VS code of my local device and it's debugging will happen locally, how I should create Shared Virtualized Environment in Azure for creating, debugging and deploying Teams Bot App. Your answers are highly appreciated, this is very important project for my institute.
Enable Domain Network FW via Intune
Hello Experts, I've been trying to implement some defender recommendations and can't figure out why " Secure Microsoft Defender Firewall domain profile" does not have any effect on the endpoints... I have followed the guide and configured Firewall policy in Intune / Endpoint Security. I've assigned it to few testing users/machines... Now, it looks like below: when I open the policy I see it was "Succeeded" on all devices... no error no conflict reported when I check in Endpoint security -> Firewall -> "MDM devices running Windows 10 or later with firewall off", all devices have Firewall status "Disabled" The configuration is very simple and looks like the below It is assigned to a group of users When I check on testing machine, I see the below I'm confused as it all seems to be "succeeded" but it has no effect on the end user device looks like. Any idea what am I missing here?How to identify the firewall filter based on ID
Hi, We started to have strange problem and looks like Windows Firewall start blocking traffic even there is rules for the traffic. When I run the command netsh wfp show netevents I found from the XML file what this generates the following drop related to my traffic: <item> <filterId>1910059</filterId> <subLayer>FWPP_SUBLAYER_INTERNAL_FIREWALL_WF</subLayer> <actionType>FWP_ACTION_BLOCK</actionType> </item> Anybody knows how to identify what is this filter?How to activate FW logs
Hello, Was is the best way to activate Windows FW logs with a MEM policy (with all the usual settings available with the related GPO) ? I tried to find any setting/template which can be used by a configuration profile but I haven't find any yet. I tried to import GPOs but it seems they are 'deprecated' for MDM (cf. screenshot below). RegardsWindows Firewall configuration via MEM
Hi I'm using the new profile template for Microsoft Defender Firewall profile (in Endpoint Security). When I edit an existing policy, settings that were set to 'Not configured' are now set to a value. For example creating a policy to enable the firewall on the domain firewall profile and block inbound connections, with everything else set to 'not configured', when editing that policy all the settings for the domain firewall profile now have values instead of 'not configured'. Is anyone else seeing this behaviour? Is this a bug Intune_Support_Team ?
