Windows Defender Firewall service failed to load Group Policy when Override block rules is checked

The Squirrel 111 Reputation points
2022-10-24T15:13:43.117+00:00

Recently discovered that using Group Policy if a rule is defined to allow the connection if it is secure and the Override block rules checkbox is checked, Server 2022 fails to load all of the firewall rules and gives event ID 2009 in the Microsoft-Windows-Windows Firewall With Advanced Security log.

I've been able to replicate it with three different servers as well as creating a new GPO from scratch with only one rule in it.

Can anyone else replicate this issue? We are using it to block RDP and using this rule to allow RDP from only hardened computers (jump points). So far my only work arounds are to either change the Domain Profile to not apply local firewall rules, use powershell to disable the automatically enabled built-in RDP rule, or login to each server and manually disable it.

I found an issue with Windows 11 that is similar if the GPO was edited using an older GPO template (admx) and re-creating with the latest template resolved the issue. However I have the latest template for 2022 and made sure to make all of the changes/edits using one of the affected servers to eliminate any template incompatibility issues.

Thanks,
Eli

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,380 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,906 questions
{count} votes

1 answer

Sort by: Most helpful
  1. The Squirrel 111 Reputation points
    2024-01-08T19:16:55.3533333+00:00

    Anyone else seen this issue?

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.