I use Norton Personal Firewall and like it. I know many people don't like Symantec but the program works for me and I'm happy with it. The problem is I seem to have both the built in XP firewall running and Norton Personal Firewall running at the same time. I want to disable the windows one. The problem is the options to disable it from the security/firewall settings in the control panel are gra(e)yed out and it says in the comments box that windows is using my domain settings. This computer is joined as a member of my home network (which is really nonexistent- I just have a server set up with MS Server 2003 just for purposes of playing around with it and sharing a printer and a common drive)
I'm lost as to how to disable it, since after joining my domain the options are gra(e)yed out. Anyone have any advice? I am a networking nebie.
Disabling Windows Firewall in XP SP2 (Using Domain Settings)
Moderators: Bakhtosh, EvilHomer3k
-
gorham09
- Posts: 602
- Joined: Wed Oct 13, 2004 10:13 am
- Location: PA/MD
-
andon
- Posts: 371
- Joined: Fri Oct 15, 2004 9:46 am
- Location: Orlando, FL
When joined with a Windows Domain you have group policies that are enabled. By default in Windows 2003 there is an option to enable/disable windows xp firewall. This option can be turned of by changing it on the Domain controller, look under administrative tools for Domain Policy.
OR this could be the issue:
You cannot configure Windows Firewall settings or Security Center settings on a Windows XP Service Pack 2-based client computer that is in a Windows Small Business Server 2003-based network
http://support.microsoft.com/default.as ... -us;872769
Good luck,
Andon
OR this could be the issue:
You cannot configure Windows Firewall settings or Security Center settings on a Windows XP Service Pack 2-based client computer that is in a Windows Small Business Server 2003-based network
http://support.microsoft.com/default.as ... -us;872769
Good luck,
Andon
-
Zaxxon
- Forum Moderator
- Posts: 28133
- Joined: Wed Oct 13, 2004 12:11 am
- Location: Surrounded by Mountains
First off, are you logged onto your machine as a local administrator? If not, you'll see the same grayed-out options that you're currently seeing, even if no group policies are in effect for the firewall.
If you're on as an admin, follow these instructions to check out what setting you're using for your domain's Windows Firewall configuration.
First, you'll want to download the Group Policy Management Console. Even if you never plan to use Group Policies for much, you want this tool, as it brings Group Policy management out of the stone ages.
Once you have the GPMC installed (make sure to install it on an XPSP2 machine so that you will see the XPSP2-specific policies), run it as a user with Domain Administrator privileges (either log onto the machine as a domain admin and run GPMC, or shift-click the GPMC entry and choose 'run as'). Since it sounds like you haven't created any policies of your own, you want the Default Domain Policy.
Right-click the Default Domain Policy and choose Edit. The setting you're looking for is under Computer Configuration --> Administrative Templates --> Network --> Network Connections --> Windows Firewall --> Domain Profile. Double-click the Windows Firewall: Protect All Network Connections entry, and change the State to Disabled. This will force the firewall off for all computers on your network while they are physically attached to the domain. You can also change the state from Enabled to Not Configured in order to give local admins the right to change the setting.
If you're on as an admin, follow these instructions to check out what setting you're using for your domain's Windows Firewall configuration.
First, you'll want to download the Group Policy Management Console. Even if you never plan to use Group Policies for much, you want this tool, as it brings Group Policy management out of the stone ages.
Once you have the GPMC installed (make sure to install it on an XPSP2 machine so that you will see the XPSP2-specific policies), run it as a user with Domain Administrator privileges (either log onto the machine as a domain admin and run GPMC, or shift-click the GPMC entry and choose 'run as'). Since it sounds like you haven't created any policies of your own, you want the Default Domain Policy.
Right-click the Default Domain Policy and choose Edit. The setting you're looking for is under Computer Configuration --> Administrative Templates --> Network --> Network Connections --> Windows Firewall --> Domain Profile. Double-click the Windows Firewall: Protect All Network Connections entry, and change the State to Disabled. This will force the firewall off for all computers on your network while they are physically attached to the domain. You can also change the state from Enabled to Not Configured in order to give local admins the right to change the setting.
-
gorham09
- Posts: 602
- Joined: Wed Oct 13, 2004 10:13 am
- Location: PA/MD
Thanks very much guys. I tried the hotfix but it wouldn't install, it said I didn't have some of the prerequisites. Then I tried the policy management console. I disabled the firewall policy as instructed, but it didn't do anything. (well that's not true. I did disable the firewall for all profiles, but it was listed So then I started digging around in the knowledge base and found the commands to check settings from the command prompt using the "netsh" commands. It was strange when I checked the current settings using these commands it said that it was disabled in all profiles but then it listed interfaces- and it was enabled for my lan connection. I continued to fool around with the disable command from the command prompt and eventually was able to get the thing turned off (even though the options are still greyed out- from the firewall setttings in the control panel). But the good news is its off and no longer indicates that there is a conflict.
Thanks again! I would never have figured that out on my own. The Policy management console reminds me of a registry editor. I had no idea such things existed.
Thanks again! I would never have figured that out on my own. The Policy management console reminds me of a registry editor. I had no idea such things existed.