How to troubleshoot Windows Firewall configuration problems

If you're struggling to get the balance right between the enhanced security gained by enabling the firewall whilst maintaining the productivity of your systems then I recommend reading Michael Howard's recent post - click here to read the details. Michael shows how the "netsh" command can be used to reveal exactly what's going on with the firewall as a result of both your local configuration and that of any group policy settings you may have.

The "netsh" utility was significantly enhanced at Service Pack 2 to include all manner of new options. The utility is pretty friendly as you can see from the following transcript taken from a command session on my machine(initated by selecting "Run" from the start menu followed by "cmd" in the dialog box).

C:\>netsh firewall show ?

The following commands are available:

Commands in this context:
show allowedprogram - Shows firewall allowed program configuration.
show config - Shows firewall configuration.
show currentprofile - Shows current firewall profile.
show icmpsetting - Shows firewall ICMP configuration.
show logging - Shows firewall logging configuration.
show multicastbroadcastresponse - Shows firewall multicast/broadcast response co
nfiguration.
show notifications - Shows firewall notification configuration.
show opmode - Shows firewall operational configuration.
show portopening - Shows firewall port configuration.
show service - Shows firewall service configuration.
show state - Shows current firewall state.