By default on Windows Server 2012 and later, WinRM is configured to allow PS remoting, i.e. I don't have to issue an Enable-PSRemoting cmdlet. However, the Windows firewall is (understandably) configured rather strictly. There are two rules for Windows Remote Management (HTTP-In) - one is scoped for Public networks and the other is scoped for domain networks. Both of these are initially configured to limit remote IP addresses from the local subnet.
This works all well and fine when performing remote management from a remote machine that is on the local subnet, but that is not always going to be the case. Therefore, I would like to remove the local subnet option from one or both of those firewall rules. I have a script that already sets a number of firewall rules that I run against any new machine I build (yes, I know they could be configured in group policies, but some of these are set to allow certain things before the machine is domain joined). But I have not been able to figure out how to remove the local subnet from this rule. Very easy in the GUI - on the Scope tab select Any IP Address click OK and everything works as I want it to.
What parameter of the Set-NetFireWallRule -Name "WINRM-HTTP-In-TCP-PUBLIC" is used to set this? Or, is it a combination of commands?
Extra credit for instructions on how to find this. Generally I will do something like Get-NetFireWallRule | FL * to see everything that I might be able to modify, and it generally works for me. But I have been comparing the output of this between two systems - one configured by default and the other configured with the GUI to remove the local subnet, and I am not seeing any difference.
Thanks for the gui