(Unattended Installation)
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
The [WindowsFirewall.service_name] section contains entries for configuring Windows Firewall.
When in normal operation, Windows Firewall opens static ports used by services in its current profile's exception list. Only services that actually require unsolicited, incoming traffic should be added to the Windows Firewall Exceptions list. There is no benefit to adding services that use only outgoing connections to the Windows Firewall Exceptions list. You must add the [WindowsFirewall.service_name] section in the [WindowsFirewall.profile_name] section.
The [WindowsFirewall.service_name] section contains entries for adding services to the Windows Firewall Exceptions list.
Answer File Entries for the [WindowsFirewall. program_name ] Section
Entry | Description |
---|---|
Type |
Specifies the type of service to use for changing the default configuration of the Windows Firewall. |
Mode |
Specifies whether to enable or disable an entry in the Windows Firewall Exceptions lists. |
Scope |
Defines the set of limits on which computers (IP addresses) are allowed to send traffic through the specified exception. The value of the Mode entry must equal 1 (On). |
Addresses |
Specifies the addresses for an entry in the Windows Firewall Exceptions lists. |
[WindowsFirewall.RemoteDesktop]
Type = 2
Mode = 1
Scope = 2
Addresses = 192.168.0.5,LocalSubnet
Specifies the type of service to use for changing the default configuration of the Windows Firewall.
Type = 0 | 1 | 2 | 4 | 5
Value | Description |
---|---|
0 |
Specifies file and print sharing. |
1 |
Specifies UPnP framework. |
2 |
Specifies remote desktop service. |
4 |
Specifies remote administration service. |
5 |
Specifies all services. |
Type = 5
The default value is 5. This is a required entry.
Specifies whether an entry added to the Windows Firewall Exceptions list is either enabled or disabled.
Mode = 0 | 1
Value | Description |
---|---|
1 |
Enables an entry in the Windows Firewall Exceptions list. |
0 |
Disables an entry in the Windows Firewall Exceptions list. |
Mode = 1
The default value is 1. This is a required entry.
Defines the set of limits on which computers (IP addresses) are allowed to send traffic through the specified exception. The value of the Mode entry must equal 1 (On).
Scope = 0 | 1 | 2
Value | Description |
---|---|
0 |
Enables unsolicited, incoming traffic with no limitations. Any computer can send traffic through this exception. |
1 |
Enables unsolicited, incoming traffic that matches the exception from any computer on the same subnet as the network connection on which the traffic was received through Windows Firewall, while dropping unsolicited, incoming traffic from all other computers. |
2 |
Defines a custom scope, which is a collection of IP addresses and subnets, as specified in the Addresses entry. Unsolicited, incoming traffic that matches the exception and originates from a computer in the defined collection is enabled through Windows Firewall. |
Scope = 192.168.0.5,LocalSubnet
The default value is 0. When enabling a service, the set of IP addresses from which the unsolicited, incoming traffic is enabled can be defined by using this entry.
Specifies the IP addresses in the Scope entry.
Addresses = IP_address1, IP_address2
Value | Description |
---|---|
IP_addresses |
Specifies the IP addresses in the Scope entry. |
Addresses = 192.168.0.5,LocalSubnet
This entry is ignored unless the Scope entry is set to 2.