I can't connect - but the firewall is off!


Sometimes you simply cannot connect to another system; in one case, it was a domain controller. You know the server is running: you can see it, log into it, and connect to other systems from it. What are you to do?

In one case, this happened in a domain controller scenario, where 2 DCs wouldn't replicate. We went through the usual troubleshooting steps:

  • The server is online
  • You can log into the server
  • You can connect to other systems from it
  • GPO and RSOP confirm that Windows Firewall is turned off for the domain
  • In a remote test, ping fails and connecting to the file system fails

What is there to do? Well, look at the Windows Firewall manually. You will see the usual 3 profiles; however, the Domain Profile was not active and the Public Profile was. This explains it: the firewall was turned off for the domain, but the Public Profile was the one in effect. But how can a Domain Controller that uses itself as DNS not see itself as being on a Domain network?

This is an issue of timing, and there is an easy fix for it. Simply go to Services and then Network Location Awareness. This service is the one that determines which network / Windows Firewall profile you should be using. Set this service to Automatic (Delayed Start) and the OS should have ample time to properly detect the network you're on. This definitely beats other methods, like disabling and enabling your network adapter manually.
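
The same check and fix as a PowerShell script, added here as an example that is not part of the original post. It assumes an elevated session on the affected server; the `-Fix` switch and the report column names are made up for this example, and `NlaSvc` is the service name of Network Location Awareness.

```powershell
# Added example (not from the original post). Save as a script and run elevated.
param([switch]$Fix)   # -Fix is a hypothetical switch for this example

# Only meaningful on a domain member or domain controller.
$cs = Get-CimInstance -ClassName Win32_ComputerSystem
if (-not $cs.PartOfDomain) { Write-Warning 'Host is not domain-joined.'; return }

# 1. Which category did NLA assign to each connection, and is the firewall
#    profile that matches that category enabled in the effective policy?
$report = foreach ($p in Get-NetConnectionProfile) {
    $fwName = [string]$p.NetworkCategory            # Public / Private / DomainAuthenticated
    if ($fwName -eq 'DomainAuthenticated') { $fwName = 'Domain' }
    $fw = Get-NetFirewallProfile -Name $fwName -PolicyStore ActiveStore
    [pscustomobject]@{
        Interface       = $p.InterfaceAlias
        NetworkCategory = $p.NetworkCategory
        FirewallProfile = $fwName
        FirewallEnabled = $fw.Enabled
    }
}
$report | Format-Table -AutoSize

# A domain-joined host on Public or Private is the symptom described above:
# the GPO switched off the Domain profile, but a different profile is in effect.
if ($report | Where-Object { $_.FirewallProfile -ne 'Domain' }) {
    Write-Warning 'At least one connection is not on the Domain profile.'
}

# 2. Is Network Location Awareness already Automatic (Delayed Start)?
#    Start = 2 means Automatic; DelayedAutostart = 1 adds the delay.
$svc = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\NlaSvc'
$delayed = ($svc.Start -eq 2) -and ($svc.DelayedAutostart -eq 1)
"NlaSvc delayed auto-start: $delayed"

# 3. Apply the fix from the post only when asked to.
if ($Fix -and -not $delayed) {
    sc.exe config NlaSvc start= delayed-auto
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "sc.exe failed with exit code $LASTEXITCODE"
    } else {
        'NlaSvc set to Automatic (Delayed Start); this applies from the next boot.'
    }
}
```

Run it once without `-Fix` to record the current state, and again after the next reboot to confirm the connection now reports `DomainAuthenticated`.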

Hope this helps...
