Score:1

Windows Server 2019 firewall not blocking inbound connections that don't meet a rule

Ben

I'm configuring a new Windows Server 2019 VPS. I have set the firewall on the Public Profile to "Inbound connections that do not match a rule are blocked".

Public Profile configuration screenshot

I have set up 2 rules to allow connections to my SSH server, and to allow web traffic through, as you can see here:

Inbound rules screenshot

There's also a 3rd rule there to block traffic to port 3389 (RDP). That's the problem - without the RDP blocking rule, traffic is allowed through to port 3389, even though the Firewall is configured to "Inbound connections that do not match a rule are blocked". It makes no sense!!

I have double-checked that the network profile is indeed set to Public, which it is. The Firewall is obeying the block RDP rule, but without it there, it allows RDP traffic.

Does anybody understand what's going on here?!

Score:1
Ben

Wow, I just found the answer to this. I have been managing the firewall via gpedit.msc. I just opened up the 'Windows Defender Firewall with Advanced Security' link in Control Panel\System and Security\Administrative Tools and found a load of rules in place which were not visible in gpedit.msc. Hence why stuff was getting through that I was not expecting to get through.

If the rule does NOT appear in `Control Panel > ... > Allowed apps`, it would NOT work. After re-adding the firewall rule in `wf.msc`, it shows up there and works.
mangohost
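
The mismatch described in the answer above (rules visible in `wf.msc` but not in `gpedit.msc`) can be checked from one place. The PowerShell below is an added example, not part of the original posts: it lists every enabled inbound allow rule in the effective (merged) policy together with the store it came from. The port value 3389 is taken from the question; the script is assumed to run in an elevated session on the server.

```powershell
# Added example: find out which policy store each effective inbound allow rule comes from.
# Assumption: run elevated on the affected server; $Port is the RDP port from the question.
$Port = 3389

# Effective Public profile settings after local and Group Policy stores are merged.
Get-NetFirewallProfile -Name Public -PolicyStore ActiveStore |
    Select-Object Name, Enabled, DefaultInboundAction, AllowLocalFirewallRules

# All enabled inbound Allow rules in the effective policy (ActiveStore = what is enforced).
$rules = Get-NetFirewallRule -PolicyStore ActiveStore -Direction Inbound -Action Allow -Enabled True

$report = foreach ($rule in $rules) {
    $filter = $rule | Get-NetFirewallPortFilter
    [pscustomobject]@{
        DisplayName = $rule.DisplayName
        Profile     = $rule.Profile
        Protocol    = $filter.Protocol
        LocalPort   = ($filter.LocalPort -join ',')
        # Typically 'Local' for rules kept in the local store edited by wf.msc,
        # and 'GroupPolicy' for rules delivered through a GPO such as the one gpedit.msc edits.
        SourceType  = $rule.PolicyStoreSourceType
        Source      = $rule.PolicyStoreSource
    }
}

# How many effective allow rules each store contributes.
$report | Group-Object SourceType | Select-Object Name, Count

# Rules that can admit traffic to $Port: an exact port match or 'Any'.
# Port ranges (for example 3000-4000) are not expanded by this simple check.
$report |
    Where-Object { ($_.LocalPort -split ',') -contains "$Port" -or $_.LocalPort -eq 'Any' } |
    Sort-Object SourceType, DisplayName |
    Format-Table DisplayName, Profile, Protocol, LocalPort, SourceType, Source -AutoSize
```

Any rule in the last table is a rule the traffic matches, so the "block connections that do not match a rule" default never applies to it, regardless of which console the rule is visible in.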
