How to configure the windows firewall using group policies.
To set up the windows firewall correctly to work with lansweeper the easiest way is to use group policies.
You need to change you Windows firewall - domain policy (this policy applies to computers when they are connected to your domain)
The setting that you need to enable is "Windows Firewall: Allow remote administration exception"
You can choose "*" for all machines or just the IP of your lansweeper server (where the service is running)
To view if the policies are set correct on a client you can use the "netsh firewall show state" command
C:\>netsh firewall show state
Firewall status:
-------------------------------------------------------------------
Profile = Domain
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Group policy version = Windows Firewall
Remote admin mode = Enable
Please read this technet article about problems when the domain profile is not working : http://technet.microsoft.com/en-ca/library/bb878049.aspx
To view which GPO's are applied to the client you can use the gpresult.exe command.
If for some reason you can't apply group policies you can use the following commands to set the firewall. (save as firewall.cmd)
call netsh firewall set service RemoteAdmin enable
call netsh firewall add portopening protocol=tcp port=135 name=DCOM_TCP135
call netsh firewall add allowedprogram program=%windir%\system32\wbem\unsecapp.exe name=WMI
call netsh firewall add allowedprogram program=%windir%\system32\dllhost.exe name=Dllhost
Most requested articles:
|
Skype : 