Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Use this procedure to block unicast response traffic that is received in response to multicast or broadcast traffic.
Administrative Credentials
To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure.
Special Considerations
You can configure Windows Firewall settings in the standard profile or the domain profile. The domain profile is used when a computer is connected to a network in which the computer's domain account resides. The standard profile is used when a computer is connected to a network in which the computer's domain account does not reside, such as a public network or the Internet. Make sure Windows Firewall is using the correct profile when you perform this procedure.
For more information about Windows Firewall profiles, see Managing Windows Firewall Profiles.
This procedure can be performed using the command prompt or Group Policy. You cannot perform this procedure in the graphical user interface.
Using the command prompt
To block unicast responses to multicast traffic
Type the following at the command prompt, and press ENTER:
netsh firewall set multicastbroadcastresponse mode = enable
If you get an "Access Denied" message when you run a command, you do not have administrative rights to configure Windows Firewall. If you get an "Ok" message but the command does not take effect, the setting might be managed by Group Policy.
Using Group Policy
To block unicast responses to multicast traffic
Open the Group Policy Object Editor snap-in to edit the Group Policy object (GPO) that is used to manage Windows Firewall settings in your organization.
Open Computer Configuration, open Administrative Templates, open Network, open Network Connections, and then click Windows Firewall.
In the details pane, double-click Windows Firewall: Prohibit unicast response to multicast or broadcast requests.
In the Windows Firewall: Prohibit unicast response to multicast or broadcast requests properties dialog box, on the Settings tab, click Enabled.
Notes
To open a command prompt, click Start, point to All programs, point to Accessories, and then click Command Prompt.
Windows Firewall is not included in the original release of the Windows Server 2003 operating systems.
Configuring Multicast Settings
Known Issues for Managing IPsec, Multicast, and ICMP Settings