Recipe 2.17. Disabling the Windows Firewall After Installation


You want the Windows Firewall in Windows XP Service Pack 2 or higher to automatically be disabled when a machine first boots after installation, for compatibility reasons with existing software you have deployed.


In Windows XP Service Pack 2, the Windows Firewall is automatically enabled at all times, including when the machine boots immediately after installation is completed. You can disable this by doing the following:

Using a graphical user interface

Unfortunately, you can't disable the firewall automatically after booting through the GUI. However, it's a painless procedure to quickly disable it after installation:

  1. Open the Control Panel.

  2. Double-click on the Windows Firewall icon.

  3. On the General tab, click the Off radio button.

  4. Click OK.

The firewall is now disabled.

Using Group Policy

If your machines are participating in a domain environment and you have access to Group Policy settings for the domain, you can disable the firewall through that method. If you use Group Policy, the settings will automatically be applied as soon as the machine boots the first time. The correct Group Policy object is Computer Configuration/Administrative Templates/Network/Network Connections/Windows Firewall/Domain Profile/Windows Firewall. Disable the setting "protect all network connections."

Using a command-line interface

The netsh utility can turn the firewall on and off, depending on the current firewall profile. To disable the firewall on a machine in a domain environment, use the following command:

> netsh firewall set opmode mode=DISABLE profile=DOMAIN

Or, if you are using a standalone machine, the following command will disable the firewall:

> netsh firewall set opmode mode=DISABLE profile=STANDARD

If you use unattended setup files, you can add the following lines to the appropriate SIF file to create a new firewall profile which has the firewall itself turned off:

[WindowsFirewall] Profiles = WindowsFirewall.TurnOffFirewall [WindowsFirewall.TurnOffFirewall] Mode = 0


For machines running a version of Windows XP earlier than Service Pack 2, you cannot turn the Internet Connection Firewall (ICF) off within unattended setup files. You'll need to disable the ICF however you wish once the machine has booted after installation.

Windows XP Cookbook
Windows XP Cookbook (Cookbooks)
ISBN: 0596007256
EAN: 2147483647
Year: 2006
Pages: 408

Similar book on Amazon © 2008-2017.
If you may any questions please contact us: