Windows Firewall Rules listing question
I am trying to understand how Windows AdvFirewall lists rules. On a Windows 2008R2 server, for example, under Inbound Rules, it has 2 items listed for Network Discovery (UPnP-In). One is for "Domain,Private" and one is for Public. I understand the concept of multiple profiles, but why is this listed twice? Why not just one entry and list Profile as "All"?

The second question is that under Monitoring/Firewall only the "Domain,Private" entry for Network Discovery (UPnP-In) is shown. Why are some rules not shown under Monitoring? Monitoring seems to be a subset of the rules but I don't understand why. I think I am missing the concept of what exactly the Monitoring tab is and how it differs from the Inbound and Outbound tabs. Thanks.
Roger
April 25th, 2011 4:32pm

Hi. In my Windows 2008r2, Network Discovery (UPnP-In) is just one entry. Are you running SP1? The Monitoring/Firewall view displays active and used rules. So if both a Private and a Domain rule are enabled, and the server only has networks defined as Domain, Private won't show.
Oscar Virot
April 25th, 2011 6:56pm

No, I am not running SP1. But I see two entries for Network Discovery (UPnP-In) under Inbound Rules. When I look at the Properties of each rule, the only difference is that under the Advanced tab one has the "Public" setting checked and the other has "Domain" and "Private" checked. I guess it isn't a big deal; I am just trying to understand why. I am working with a customer to write verification procedures and it is fairly important that I know why things are working, not just that they are.

The second part seems to be correct. My server has only one NIC and it is connected to a Domain profile. When you go to Control Panel, Firewall, it shows the only thing the Firewall is connected to is "Domain". When you go to Monitoring, the only things that show are rules that are either "All" profiles or ones that have "Domain" as part of them. Rules that are "Private" only or "Public" only don't show, which is consistent with what you are saying.
Roger
April 25th, 2011 8:00pm

When looking on my test DC, Windows 2008r2 SP1, I only see one. My guess is that Microsoft made a change to one of the rules late in the stages of the Windows 2008 release, noticed too late that they could be merged, and has corrected this in SP1.
Oscar Virot
April 25th, 2011 8:11pm
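
For a verification procedure like the one discussed in this thread, the following added example (not code from any poster) predicts which inbound rules Monitoring should list for a given active profile, using the behaviour described above: a rule appears only if it is enabled and its profile list includes the active profile. It assumes the text layout printed by `netsh advfirewall firewall show rule name=all`; the sample rules, including "Example disabled rule", and the function names are constructed for illustration.

```python
import re

# Constructed, abridged sample in the layout of
# `netsh advfirewall firewall show rule name=all` (not captured from a real host).
SAMPLE = """\
Rule Name:                            Network Discovery (UPnP-In)
----------------------------------------------------------------------
Enabled:                              Yes
Direction:                            In
Profiles:                             Domain,Private

Rule Name:                            Network Discovery (UPnP-In)
----------------------------------------------------------------------
Enabled:                              Yes
Direction:                            In
Profiles:                             Public

Rule Name:                            Example disabled rule
----------------------------------------------------------------------
Enabled:                              No
Direction:                            In
Profiles:                             Domain,Private,Public
"""

def parse_rules(text):
    """Split netsh output into one dict per rule (keys as printed by netsh)."""
    rules = []
    for line in text.splitlines():
        m = re.match(r"^([^:]+):\s+(.*\S)\s*$", line)
        if not m:
            continue  # separator or blank line
        key, value = m.group(1).strip(), m.group(2)
        if key == "Rule Name":
            rules.append({})  # rule names repeat, so start a new record each time
        if rules:
            rules[-1][key] = value
    return rules

def expected_in_monitoring(rules, active_profile, direction="In"):
    """Rules the thread says Monitoring lists: enabled and scoped to the active profile."""
    hits = []
    for r in rules:
        profiles = {p.strip().lower() for p in r.get("Profiles", "").split(",")}
        if (r.get("Enabled") == "Yes" and r.get("Direction") == direction
                and (active_profile.lower() in profiles or "any" in profiles)):
            hits.append((r["Rule Name"], r["Profiles"]))
    return hits

if __name__ == "__main__":
    for name, profiles in expected_in_monitoring(parse_rules(SAMPLE), "Domain"):
        print(f"{name} [{profiles}]")
```

Comparing this list against what the Monitoring node actually shows gives a repeatable check that same-named rules scoped to different profiles are treated as separate entries.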
