Indeed, a sub-domain admin should clone the profile himself to be able to edit it, but it will be visible, usable and editable for other sub-domain admins of this scope and root admins in the sub-domain scope. So I dropped my slightly confusing 'PS' from the previous post 😊
As for GPO, both undefined and enable are acceptable. Do not see any reason why having two Firewalls up is unwanted, especially if we are talking about short transition period…
Don't understand the logic of the new firewall. We need to allow inbound traffic from a remote MS SQL server to subnet hosts. We create network service "MSSQL":

| Name | Protocol | Initiator port | Responder ports |
|---|---|---|---|
| MSSQL | TCP (6) | >1023 | 1433 |

We create firewall rule "Allow inbound MSSQL" in the firewall profile:

| Services | Remote hosts |
|---|---|
| <= MSSQL | SQL server IP address |

When we look at the Windows firewall settings, we find a rule with:

| Direction | Local address | Remote address | Local Port | Remote Port |
|---|---|---|---|---|
| Inbound | Any | SQL server | 1433 | 1024-65535 |

This is the wrong situation. What would happen if we create the rule in a bi-directional (<=>) direction?
First of all, there is NO need to define anything on the Client side if you want to access a Windows SQL-Server. The standard Office profile has an Allow All TCP/UDP Outbound rule that covers that.
Nevertheless, you certainly have to allow inbound traffic on the server's Firewall (not managed by F-Secure).
"Inbound" and "outbound" are always from the point of view where the local firewall is installed. So a Client is connecting to a service that is outbound.
You want to remotely administer a user's Windows system:
your system has an outbound connection (covered by the allow all outbound TCP/UDP), but
the user's Windows box has an "inbound" connection.
The rule is always the same. Initiator (local) ports: >1023; receiver (remote) port: 1433
perComp has been a Platinum Partner of F-Secure since 1994. Any advice or help given by me in this forum is voluntary and to the best of my knowledge, based on working with the products since 1997. For direct contact, customers please check our homepage http://www.percomp.de
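The direction question in the posts above can be checked mechanically. The following is an added example, not part of the thread or of any F-Secure tooling: it evaluates host firewall rules from the viewpoint of the machine they are installed on. The IP addresses, the `OUTBOUND_MSSQL` rule and all function names are assumptions made for illustration; the inbound rule mirrors the one quoted from Windows Firewall in the question.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Conn:
    """A TCP connection, described by who opened it and who was listening."""
    initiator: str
    initiator_port: int
    responder: str
    responder_port: int

@dataclass(frozen=True)
class Rule:
    """A host firewall rule as Windows displays it: ports are local/remote, not src/dst."""
    direction: str          # "Inbound" or "Outbound"
    remote_addr: str
    local_ports: range
    remote_ports: range

def view_from(host, conn):
    """Return (direction, remote_addr, local_port, remote_port) as seen on host, or None."""
    if host == conn.initiator:
        return ("Outbound", conn.responder, conn.initiator_port, conn.responder_port)
    if host == conn.responder:
        return ("Inbound", conn.initiator, conn.responder_port, conn.initiator_port)
    return None  # host is not an endpoint of this connection

def matches(rule, host, conn):
    """True if rule, installed on host, matches the opening packet of conn.
    A stateful firewall allows the reply packets of a matched connection by state."""
    seen = view_from(host, conn)
    if seen is None:
        return False
    direction, remote, local_port, remote_port = seen
    return (direction == rule.direction and remote == rule.remote_addr
            and local_port in rule.local_ports and remote_port in rule.remote_ports)

# Constructed sample addresses (documentation ranges), not taken from the thread.
CLIENT, SQL_SERVER = "192.0.2.10", "198.51.100.5"

# The rule the question found in Windows Firewall on the subnet host.
INBOUND_MSSQL = Rule("Inbound", SQL_SERVER, range(1433, 1434), range(1024, 65536))
# Assumed outbound counterpart: same service, but the host is the initiator.
OUTBOUND_MSSQL = Rule("Outbound", SQL_SERVER, range(1024, 65536), range(1433, 1434))

client_query = Conn(CLIENT, 50321, SQL_SERVER, 1433)     # host queries the SQL server
server_callback = Conn(SQL_SERVER, 50321, CLIENT, 1433)  # server connects to the host
```

Evaluated on the subnet host, the inbound rule matches only a connection that the SQL server itself opens to local port 1433; the host's own query to the server is outbound traffic with remote port 1433.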