How to use Windows 7 DirectAccess with F-Secure firewall turned on?
To set up the F-Secure firewall for DirectAccess from Policy Manager Console:
1. Windows Firewall needs to be turned on, so you need to change this setting from the policy:
PMC advanced mode -> F-Secure Internet Shield -> Settings -> Installation -> Disable Windows Firewall -> No (Final)
2. From Policy Manager, change IPV6 traffic filtering options to Normal, setting is here:
PMC advanced mode -> F-Secure Internet Shield -> Settings -> Firewall Engine -> IPV6 Filtering Mode -> Normal (Final)
3. On Policy tab choose F-Secure Internet Shield -> Settings -> Services table, and edit LDAP service in the following way:
- Rename LDAP to LDAP UDP, for example;
- On the next page change IP protocol to UDP(17);
- On the next page change Initiator ports to >0. Click Finish;
4. On Policy tab choose F-Secure Internet Shield -> Settings -> Rules table, and modify Security Level in use so, that it will contain the following rules:
Note: TCP Service could be restricted to use only the ports needed to communicate with Policy Manager. Default ports are 80, 8080 and 8081.
Note: On the client side make sure that those policies were received. Also check that Windows Firewall profile in use is turned on(only those rules which are required for MS Direct Access).
Feel free to post feedback, corrections and suggestions to the article via this thread.