I’m installing a handful of computers today, and one of the things I’m doing is loading UltraVNC on them. Well, these computers are way behind on updates, and several of them require SP2, which as you may or may not know, turns on the firewall even if you’ve turned it off. So I recently decided that I would add exceptions for VNC, so that even if it’s on, I can get to the box.
The problem is that it kept disappearing. Until just now, I could not figure it out. Well, apparently if you set up a firewall exception while a computer is a member of a workgroup, then join a domain, that exception is lost! What in the world were they thinking? The default MS stuff is there, of course. Why can’t they leave ones added by the user?
Comments
2 responses to “Windows XP Firewall Exceptions”
The reason why the exceptions are lost when you join a domain from a workgroup are that there are 2 settings for the firewall within group policy. There is a standard setting and a domain setting. This is very useful for laptops. While a laptop is plugged into the domain, its firewall may need to allow a different set of exceptions. A domain probably has its own hardware firewall, upstream firewall or a proxy providing a firewall. But when the laptop is home off the domain, security needs to be tight to prevent intrusion.
Therefore, being able to change the settings for when on a domain and when off are extremely important.
I’m struggling setting up VNC as well!!!
Pete
No idea. It’s probably just a way for “you know who” to keep things easier if you use only their stuff. And, well… it’ll probably sell more licenses… more or less