Hello,I'm setting up Windows Firewall exceptions through Group Policy.The policy setting are applied successfully.I enabled (allowed) the inbound file and printer sharing exception.I only allow this on computers of my local subnet (scope).Normally this should open TCP 445 and would allow me to ping computers on my subnet.This works fine for XP computers but not for Windows Vista computers.If allow the ICMP exception 'Allow inbound echo request' ping works fine.But I don't want to do that because you can't define a scope in this policy.Any ideas how I can allow ping for Vista for a scope of ip addresses?

Hi, Thank you for your post. Firstly, may I know the following? 1. The version of your server, Windows Server 2003 or Windows Server 2008? 2. The detail steps you create the firewall related Group Policy. In addition, as I know, in Windows Firewall with Advanced Security or the related Group Policy settings, there is a scope option for the rules. Configuring Scope Settings http://technet.microsoft.com/en-us/library/cc781515(WS.10).aspx Firewall Rule Wizard: Scope Page http://technet.microsoft.com/en-us/library/dd448558(WS.10).aspx As you said you can't define a scope in this policy., please give us more information about this. Thanks. Nicholas Li TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com.Nicholas Li - MSFT

I just want to say hi and see how this is going. I would appreciate it if you could drop me a note to let me know if you have any questions or concerns with the information I provided. If so, please feel free to let me know. I am happy to be of assistance. :) Thanks! Nicholas Li TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com.Nicholas Li - MSFT

Hi Nicholas,thanks for your reply. Here's the information you asked for:1. I have a mixed environment PDC runs Windows Server 2003 R2, two additional domain controllers run Windows Server 2008While checking in noticed that my domain functional level is Windows Server 2003, Forest functional level isWindows 20002. I made a seperate Vista Computer Policy and linked it to the correct OU. The policy is applied correctly to all comuters in the OU.For managing the group policies I installad Remote Administration Tools on a Vista Workstation.Policies are managed through Group Policy Management console.Policy is set in\\Computer Configuration\Policies\Administrative Templates\Network\Network Connections\Windows Firewall\Domain ProfileI enabled 'Allow inbound file and printe sharing exception' for my local subnet.----------------------------------So it seems that I was looking in the wrong place.I'm going to to set theexception in the Windows Firewall with Advaced Security policy.Thanks a lot for your help.