Group policy issues.
On the XP sp2 machines if you enable the firewall but allow 445
traffic... merely enabling 445 with also allow ICMP.
Product team did this because they need it for group policy.
See discussion on focusonms listserve way back when XP sp2 first came out.
[Fire up your firewall and in the advanced window you can see it too]
Tom Kern wrote:
What affect would blocking icmp packets on all vlans have on win2k/xp
client logons in a win2k forest?
any?
I know clients ping dc's to see which responds first and later ping
dc's to determine round trip time for GPO processing, but would
blocking icmp's have any adverse affects on clients?
I only ask because my corp blocks icmp's on all our vlans and i get a
lot of event id 1000 from Usernev with error code of 59 which when i
looked up, refers to network connectivity issues. i think this event
id is related to the fact we block icmp packets and i was wondering if
thats something i should worry about in a win2k network.
Thanks
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
