Windows Firewall - Windows Server 2003 Networking Recipes - page 102

Information Technology Reference

In-Depth Information

Using Group Policy

Tables 3-5 and 3-6 contain the Group Policy settings that create program exceptions in the

domain and standard profiles respectively.

Table 3-5. Configure Program Exceptions—Domain Profile

Com puter Configuration\Administrative Templates\Network\

Network Connections\ Windows Firewall\Domain Profile

Path

Policy name

Windows Firewall: Define program exceptions

Value

Enabled to configure a list of program exceptions. Disabled to remove any

exceptions previously configured by Group Policy.

Table 3-6. Configure Program Exceptions—Standard Profile

Path

Computer Configuration\Administrative Templates\Network\

Network Connections\Windows Firewall\Standard Profile

Policy name

Windows Firewall: Define program exceptions

Enabled to configure a list of program exceptions. Disabled to remove any

exceptions previously configured by Group Policy.

Value

Using the Registry

To configure an executable called standard.exe to pass through the Windows Firewall, set the

following Registry values:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\

Parameters\FirewallPolicy\ <Profile> \AuthorizedApplications\List]

"C:\folder1\Standard.exe":reg_sz:"C:\folder1\Standard.exe:*:Enabled:Standard.exe"

You can modify this Registry setting for your environment by adhering to the following

syntax:

ProgramPath : Scope :Enabled|Disabled: ApplicationName

ProgramPath allows you to enter the path and filename of the application. You can enter

the path manually, or use environment variables such as %windir% or %ProgramFiles% .

Scope specifies the scope of the exception. You can use * to specify the Any Computer

setting, LocalSubnet to restrict the exception to your local network, or a single IP address

or range of addresses to define a custom list. Create multiple entries by separating them

with a comma, like this: LocalSubnet,10.0.0.151,10.112.25.0/255.255.255.0,10.121.

79.0/24 .

Use Enabled or Disabled to indicate whether this program should be enabled or disabled

in the exception list.

ApplicationName creates a friendly name for the application exception; this is the name

that will appear on the Exceptions tab in the Windows Firewall Control Panel applet.

Next Page

Windows Server 2003 Networking Recipes

Search WWH ::

Custom Search

Home