Hey all, I have a 2008 Server that had a firewall rule applied to it via GPO - I believe it to be in error. I am trying to find exactly where this particular setting is coming from... In the advanced firewall MMC, I can see a couple of rules configured for the computer in Domain Profile (which is the active profile). There are two rules I see on the MMC. Name Group Profile Enabled Action Remote Desktop (TCP-In) Remote Desktop Domain Yes Block Remote Desktop (TCP-In) Remote Desktop Domain,Private Yes Allow The first rule is being created by a GPO somewhere. The second rule is not. So obviously RDP traffic is being blocked. Something else I did not expect was that if I go to the services MMC and stop the Windows Firewall service, that the server then drops most *everything*?! If I stop the firewall service, it doesn't respond to pings, the web site on there is no longer accessible, and of course - I still cant RDP to it. I am looking for exactly where this GPO is coming from - but does this behavior when stopping the firewall service sound right to anyone? Thanks, D

In the Windows Firewall MMC, go to inbound rules. On the right-hand side, click "View", then click "Add/Remove Columns". In the left column, select "Rule Source", and then click Add to move it into the active column. You can then move it up or down to the position you want. The column includes the name of the GPO used to apply that rule, or the value "Local Setting" if it was created on the local computer.I hope this helps! Dave BishopTeam LeadWindows Server Networking Information Experience Team