Known Issues for Securing Windows Firewall

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Review the following known issues before you secure Windows Firewall.

  • If you do not configure the Windows Firewall: Allow local program exceptions Group Policy setting, the ability of administrators to define local program exceptions depends on the configuration of the Windows Firewall: Define program exceptions Group Policy setting. If the Windows Firewall: Define program exceptions Group Policy setting is not configured, administrators can define local program exceptions. If it is enabled or disabled, administrators cannot define local program exceptions.

  • If you do not configure the Windows Firewall: Allow local port exceptions Group Policy setting, the ability of administrators to define local port exceptions depends on the configuration of the Windows Firewall: Define port exceptions Group Policy setting. If the Windows Firewall: Define port exceptions Group Policy setting is not configured, administrators can define local port exceptions. If it is enabled or disabled, administrators cannot define local port exceptions.

  • If the Prohibit use of Internet Connection Firewall on your DNS domain network setting is enabled and the Windows Firewall: Protect all network connections Group Policy setting is enabled, then Windows Firewall is enabled when connected to the network from which the Group Policy object (GPO) was obtained with new Windows Firewall settings.