Windows Firewall with netsh and services.msc
I've been playing aroundnetsh and modifying theWindows Firewall configuration. I've ran into some odd behavior (possibly due to my lack of understanding in specific areas). When using the command
netsh firewall set opmode disable
Windows Firewall becomes disabled based on the status in the Control Panel applet as well as the Windows Firewall with Advanced Security snap-in (wf.msc). As a basic test, I'm able to ping the machine from another location (the Vista Enterprise machine is essentially an out-of-the-box config).
However, simply stopping the Windows Firewall service from the Services snap-in (services.msc) and not using the CLI results in ICMP still being dropped. There's apparently a difference in the way the service itself behaves vs. when the operational mode is changed via netsh. I'm assuming this has something to do with how these components are layered on top of each other in the architecture. Am I missing something obvious?
May 26th, 2007 2:14am