Skip to content

Windows Firewall just keeps fighting me…

I’m just trying to get some stuff to pass traffic, that’s all. However Windows Firewall on Server 2008R2 has decided that it’s too much to ask and is going out of it’s way to block the traffic.

Case in Point #1: I create a firewall rule to allow 443 in from a couple other subnets, everything works just fine. I turn on another system which resides in one of those subnets and it fails. I get a “Windows Filtering Platform has blocked a packet”.

Very weird, but maybe there’s something I’m missing. I turn on logging to see where we’re getting the failure. Here’s the funny part, the pfirewall.log file shows that it is allowing the traffic!
*NOTE: I highlighted the wrong one, so the arrow is pointing out the correct one.*
Firewall Allow, Filtering block

Probably a problem with the firewall policy right? Nope.
Firewall Policy
Firewall Policy

Some of the other things I’ve done to attempt to resolve the issue:

  • “netsh advfirewall reset” followed by recreating the rule via admin templates
  • “netsh advfirewall reset” followed by recreating the rule via Security Settings
  • “netsh advfirewall reset” followed by recreating the rule locally
  • Block Policy Inheritance, and retry all the above
  • Set the scope to any and the port to 443
  • Set the scope to any and the port to any

Everything else on the subnet is allowed in, so why would it be isolated to just this one system? I’m petitioning for a Microsoft Support Case to be made, hopefully they can get to the bottom of it.

Case in Point #2: Windows Firewall sees outgoing traffic and allows it. However, I get a “Windows Filtering Platform has blocked a packet” error again. The real head scratcher is that WFP sees the direction as being “Inbound”.
Send but Inbound is blocked

I’ve gone through and created the proper firewall rules to allow a source port exception of 5989, and even a rule to allow all traffic from the offending system. Still no luck. So I’m hoping to add that to the case and finally get to the bottom of these problems.

Any thoughts or insight is much appreciated…

Published inWindows Server

One Comment

  1. Hi,

    more than one time we encountered similar looking problems, especially with differend subnets.
    Weirdly enough in most cases allowing “Edge traversal” solved the problem for us.

    Hope this might be a hint for your problem.

    Best regards,
    Patrick

Leave a Reply