This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 17%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELH%3C/text%3E%3C/svg%3E)
Hi there,
I've rolled out a Group Policy to enable Windows Firewall on a small number of servers. After resolving the permissions issue some people encounter, I'm finding the logging is writing to the wrong files.
I have disabled the ICMP v4 rule so I no longer receive a ping response. I have also configured logging to log dropped packets.
I see 'allow' packets in the domain profile log, but not the drop. When looking in the Public profile log, I see the dropped ICMP packets being logged.
The server is 2019 Standard and domain joined. The workstation I'm pinging from is joined to the same domain, albeit in a different office (Server in Bermuda, workstation in the UK). I'm sure I'm missing something, but I'd expect it to show in the Domain profile logging...
Any ideas?
Thanks!
Hi there,
Unless the log files have already been created the firewall service actually doesn’t log anything. When setting firewall log file names via GPO you have to manually create the log files. Go into Windows Firewall on each server, go into each profile and click browse next to the file name, then create a log and check if they are login to the right profile.
If the reply is helpful, please Upvote and Accept it as an answer
