Frequently Asked Questions
The following questions and answers cover the most frequently encountered Windows Firewall situations.
|How is the Windows Firewall MMC snap-in accessed from the command line?||Type "mmc WF.msc" to launch the firewall MMC snap-in.|
|How can the currently active Windows Firewall profile be determined?||The simplest way to find out which is the currently active profile is to open the Windows Firewall MMC snap-in and look at the main page visible on startup.
Alternatively, it can also be determined from the command line using "netsh advfirewall>show currentprofile", or by accessing the Windows Firewall section of the Control Panel.
|How can it be determined if the firewall is on?||Open the Firewall MMC snap-in and look at the main page visible on startup. It shows the firewall state for the Domain, Public and Private profiles.
Alternatively, the status of the firewall can be checked from the command line using "netsh advfirewall>show allprofiles", or by accessing the Windows Firewall section of the Control Panel.
|How can inbound filtering be enabled for the firewall?||Open the Firewall MMC snap-in and look at the main page visible on startup.
At the bottom of the Overview section, click "Windows Firewall Properties".
For each Domain, Private, and Public profile tab change the firewall state from "Off" to "On (recommended)".
Alternatively, inbound filtering for the firewall can be enabled for all profiles by using the following command: "netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound"
|How can the firewall be enabled for a specific adapter?||Follow these steps:
|Traffic that was expected to get blocked (or allowed) did not. What can be done to ensure that expected behavior occurs?||Follow the steps below. If at any point you answer "No" to any of the questions, this is where you need to focus your attention to resolve the problem.
Are the following services running? If so, continue.
In a command line window type "Ipconfig".
Get the adapter of the local address you used to receive the connection. This is the adapter you used for your connection.
Is the firewall enabled on the adapter you used for you connection? If so, continue.