TCP Rule Explained:
Enable all TCP traffic to the remote IP subnet that you created for your VM lab; in my case I use the subnet "192.168.64.0/24".
VM Network Editor (this post refers to Host-only networking issues)…
Firewall rule properties…
Remote IP needs to match your VM Host-Only Range.
Do the same exact thing for UDP…
2). Make sure Ping is enabled for troubleshooting. Windows by default does not necessarily allow ping responses to be returned. These default rules need to be turned on to allow Ping across the board. Notice how the Public profile is disabled by default here. This is for security, and it is why you want your VM NICs to be recognized as a Work/Private interface.
3). Make sure your VM NICs are not set to Public. If they are, you need to modify your local GPO settings so you can make them a Work/Private NIC.
Using the Gpedit.msc command…
The issue I have seen is that VMware Workstation will get detected as an unidentified network and you will not be able to change its settings. By changing this setting you will be able to have the NIC detected as Private, or manually change it. This, of course, can differ from product to product and depends on how the domain's GPOs are configured.
4). For further troubleshooting, I always turn on dropped-packet logging on my Windows Firewall across all 3 profiles. There should never be a need to disable the firewall completely: if traffic is getting dropped, you should see it here in the log.
Example of dropped packets…
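Steps 1 through 4 above can be done from an elevated PowerShell prompt instead of the GUI. This is an added example, not code from the original post; it assumes the 192.168.64.0/24 host-only subnet used above, an interface alias of "VMware Network Adapter VMnet1" (adjust to yours), and the default firewall log path.

```powershell
# Run as Administrator. Lab subnet from the post; interface alias is an assumption.
$LabSubnet = "192.168.64.0/24"
$VmNic     = "VMware Network Adapter VMnet1"

# Step 1: allow inbound TCP and UDP only from the host-only range, and only on the
# Private profile, so the rule never applies when the host sits on a Public network.
New-NetFirewallRule -DisplayName "VM Lab TCP In" -Direction Inbound -Protocol TCP `
    -RemoteAddress $LabSubnet -Action Allow -Profile Private
New-NetFirewallRule -DisplayName "VM Lab UDP In" -Direction Inbound -Protocol UDP `
    -RemoteAddress $LabSubnet -Action Allow -Profile Private

# Step 2: allow ICMPv4 echo requests (type 8) from the lab subnet for troubleshooting,
# instead of enabling the broader built-in File and Printer Sharing echo rule.
New-NetFirewallRule -DisplayName "VM Lab ICMPv4 Echo In" -Direction Inbound `
    -Protocol ICMPv4 -IcmpType 8 -RemoteAddress $LabSubnet -Action Allow -Profile Private

# Step 3: mark the VM adapter as Private. On an "Unidentified network" this can fail
# until the GPO change described above (Unidentified Networks -> Private) is applied.
Get-NetConnectionProfile -InterfaceAlias $VmNic |
    Set-NetConnectionProfile -NetworkCategory Private

# Step 4: log dropped packets on all three profiles rather than disabling the firewall.
$LogFile = "$env:SystemRoot\System32\LogFiles\Firewall\pfirewall.log"
Set-NetFirewallProfile -Profile Domain, Private, Public -LogBlocked True `
    -LogFileName $LogFile -LogMaxSizeKilobytes 4096

# Quick check: confirm the rules exist and show the most recent DROP entries.
Get-NetFirewallRule -DisplayName "VM Lab *" |
    Select-Object DisplayName, Enabled, Profile, Direction, Action
Get-Content $LogFile -Tail 200 | Where-Object { $_ -match ' DROP ' } | Select-Object -Last 10
```

The log lines have the format date, time, action, protocol, source IP, destination IP, source port, destination port, so a DROP row with a source inside 192.168.64.0/24 tells you which rule is still missing.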
Summary:
If you have a basic understanding of networking this guide should be able to help you get any network connection going on a Windows machine where the native firewall is being leveraged.
Bonus:
I highly recommend this small Windows plugin called Windows Firewall Control. It gives you the power to leverage the outbound firewall and application inspection features of the very powerful Windows Firewall with a more third-party popup look and feel. By using a strict default set of firewall settings, any new app that requests internet access triggers a notification on my screen where I can approve or deny its access. This is all supported by Windows out of the box; they just never made an interface to leverage these powerful features. Maybe next week I will create a blog post on how I leverage this product to lock down the Windows Firewall to the fullest extent possible.