There are two profiles for the firewall settings. The one is external and the other one is internal. I can't recall their exact names but the one operates when the firewall is aware that it's connect to it's domain and the other operates in all other scenarios.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Abbiss, Mark Sent: 24 March 2005 12:09 PM To: [email protected] Subject: [ActiveDir] GPO's in AD (online and offline) We are in the process of rolling out XP SP2 in our environment and I am beginning to mess around a bit with the GPO settings for SP2, specifically the firewall. We have a mixture of laptop and desktop users, the desktops are no problem as we disable the firewall on all of them as the corporate network they are connected to handles all access rights. The laptop users however are a bit of a headache. What I need to be able to do is disable the firewall when the laptiops are logging on locally to the network but ensure that the firewall is enabled when they are working offline and perhaps making dialup connections to the internet. What I cant figure out is how I am supposed to get the firewall policy settings to the laptops. If they are logging on to the domain the firewall should be disabled and if they logon while disconnected from the domain then they wont process the GPO and therefore won't get any settings ?!? Just how can I solve this Catch 22 ? Thanks for any help List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
