The Windows Firewall has always been a point of arguments for me and my co-workers. It never quite works the way we want it to work; and we always disagree on what to do. My manager usually decides to disable the Firewall completely. I don’t think it’s the best way to go, but if you’re in a situation where you absolutely need to the Windows Firewall on all Windows client, this is how you do it on a Windows 2008 server.
- Go to Start > Administrative Tools > Policies
- Select the policy to edit (Usually: the default policy), right-click and choose “edit”.
- Go to Administrative Templates > Network > Network connections > Windows Firewall > Domain Profile.
- Disable the “Protect All Network connections” rule. Just to be sure, you can do the same for the “Standard Profile”, as well.
Now, all that’s left to do is update the clients. It’s up to you to find a way that suits your needs. Personally, I usually go to the client machines and use the following command:
gpupdate / force
Or, you could log off and log on again. I wouldn’t recommend it on a network with many clients, though.
Just a friendly warning: Disabling your Windows Firewall might work for you, and solve your problem for now, but it’s not a safe way of working. You should always have a firewall running. Microsoft “Experts” will claim that the Windows Firewall must run at all time, but firewalls from third parties work just as well – or often even better. For example, we use Trend Micro Worry Free, and the built-in firewall works perfectly for us, as it’s less “harsh.” Find a firewall solution that works for you, and stick with it.