firewall
22 Topics

Hotspot through Windows Defender Firewall
I would like to know ALL ports and protocols, services, etc. that need to be whitelisted for hotspot to work with Windows Defender Firewall. Or otherwise the baseline/recommended procedure. I have tested to enable the below so far:

Inbound/Outbound:
    UDP: 67, 68, 53, 5355
    TCP: 443, 80, 53
    ICMP4/6: protocols 1/58
    Types and codes: 0/8
    Services: icssvc

I still get drop events here and there in Windows Defender Firewall logs for ports 80/ICMP, etc. Any idea what could be the reason, and what is the best way to set this up to allow hotspot access from the device?
16 Views | 0 likes | 0 Comments

Firewall Off despite policy being enabled
In Firewall and network protection, it says Firewall is off for all Network types. However, it should be on. Is this normal/expected? However, in Sec. providers, Firewall is enabled.
==========
In PS, Firewall appears to be enabled too.

C:\Windows\System32>netsh advfirewall Show allprofiles

Domain Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
LocalFirewallRules                    N/A (GPO-store only)
LocalConSecRules                      N/A (GPO-store only)
InboundUserNotification               Enable
RemoteManagement                      Disable
UnicastResponseToMulticast            Enable

Logging:
LogAllowedConnections                 Disable
LogDroppedConnections                 Disable
FileName                              %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize                           4096

Private Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
LocalFirewallRules                    N/A (GPO-store only)
LocalConSecRules                      N/A (GPO-store only)
InboundUserNotification               Enable
RemoteManagement                      Disable
UnicastResponseToMulticast            Enable

Logging:
LogAllowedConnections                 Disable
LogDroppedConnections                 Disable
FileName                              %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize                           4096

Public Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
LocalFirewallRules                    N/A (GPO-store only)
LocalConSecRules                      N/A (GPO-store only)
InboundUserNotification               Enable
RemoteManagement                      Disable
UnicastResponseToMulticast            Enable

Logging:
LogAllowedConnections                 Disable
LogDroppedConnections                 Disable
FileName                              %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize                           4096

Ok.
===========
In the Intune Firewall Policy the three options are enabled:
Solved | 100 Views | 0 likes | 6 Comments

Creating virtual Azure environment for teams toolkit VS code for teams toolkit.
Hi everyone, I am working on a project to create a Teams bot app for my institute. I am using Teams Toolkit for VS Code, and I have MS 365 app upload permission allocated. I was trying to create "Teams Conversation Bot SSO quick-start" using Teams Toolkit. However, after debugging the app with the option of 'Debug in Edge' or 'Debug in Chrome', I faced an issue with devtunnel: that the devtunnel is unable to create tunnel service, use 'Test Tool' instead. I communicated the same issue to my team and came to know that the firewall is blocking any tunneling service in our tenant. Then my IT Admin suggested creating a Shared Virtualized Environment in Azure in which I should develop and deploy the app for testing and production. Now I am quite confused about how to do this, because Teams Toolkit for VS Code is installed on VS Code on my local device and its debugging will happen locally. How should I create a Shared Virtualized Environment in Azure for creating, debugging and deploying a Teams Bot App? Your answers are highly appreciated; this is a very important project for my institute.
6 Views | 0 likes | 0 Comments

Enable Domain Network FW via Intune
Hello Experts, I've been trying to implement some Defender recommendations and can't figure out why "Secure Microsoft Defender Firewall domain profile" does not have any effect on the endpoints... I have followed the guide and configured the Firewall policy in Intune / Endpoint Security. I've assigned it to a few testing users/machines... Now, it looks like below:

- when I open the policy I see it was "Succeeded" on all devices... no error, no conflict reported
- when I check in Endpoint security -> Firewall -> "MDM devices running Windows 10 or later with firewall off", all devices have Firewall status "Disabled"

The configuration is very simple and looks like the below.
It is assigned to a group of users.
When I check on the testing machine, I see the below.

I'm confused, as it all seems to be "succeeded" but it looks like it has no effect on the end user device. Any idea what I am missing here?
Solved | 1.9K Views | 0 likes | 9 Comments

How to identify the firewall filter based on ID
Hi, We started to have a strange problem and it looks like Windows Firewall started blocking traffic even though there are rules for the traffic. When I run the command

netsh wfp show netevents

I found in the XML file that this generates the following drop related to my traffic:

<item>
    <filterId>1910059</filterId>
    <subLayer>FWPP_SUBLAYER_INTERNAL_FIREWALL_WF</subLayer>
    <actionType>FWP_ACTION_BLOCK</actionType>
</item>

Does anybody know how to identify what this filter is?
551 Views | 0 likes | 0 Comments

Windows Firewall rules in intune vs local Firewall rules
Hi Team, I have a device that is fully managed by Intune. I have created some firewall rules policies to allow certain applications and block others. Before enrolling the device into Defender for Endpoint, there were some firewall rules created locally on the Windows device. My question is: will these manually created firewall rules still work as intended, or will only the policies published through Intune take over?
Solved | 3.1K Views | 0 likes | 3 Comments

How to activate FW logs
Hello, What is the best way to activate Windows FW logs with a MEM policy (with all the usual settings available with the related GPO)? I tried to find any setting/template which can be used by a configuration profile but I haven't found any yet. I tried to import GPOs but it seems they are 'deprecated' for MDM (cf. screenshot below). Regards
1.5K Views | 0 likes | 3 Comments

Windows Firewall configuration via MEM
Hi, I'm using the new profile template for Microsoft Defender Firewall profile (in Endpoint Security). When I edit an existing policy, settings that were set to 'Not configured' are now set to a value. For example, creating a policy to enable the firewall on the domain firewall profile and block inbound connections, with everything else set to 'not configured', when editing that policy all the settings for the domain firewall profile now have values instead of 'not configured'. Is anyone else seeing this behaviour? Is this a bug Intune_Support_Team?
2.1K Views | 0 likes | 3 Comments

Edge Stuck on Setting Up Sync
Using Version 81.0.381.0 (Official build) dev (64-bit). When I set up sync on my work network, the sync just stays on "Setting up Sync". However, when I go off company Wi-Fi and onto cellular, the sync works fine and the status changes to "Sync is on". It's more than likely a problem with the company firewall. The IT admin always asks which port/URL they need to open. What needs to be opened for Edge Sync to work properly? I tried to watch traffic off my machine, but couldn't make a determination of what URL sync is trying to access.
Solved | 15K Views | 0 likes | 8 Comments