Firewall on Windows Server 2003

Enabling firewall on Windows Server 2003.

Windows Server 2003 Enterprise Edition 2003 R2 is shipped with Windows Firewall, that is installed, but not enabled by default (I suppose that this the case for other releases of Windows Server 2003, too?).

To enable (and configure) Windows Firewall, open the Start menu and choose Control Panel > Network Connections > Local Area Connection. If your computer has more than one network adapters (as is the case of my machine), choose either of them. The initial firewall setup will be done for all adapters. In the opening Local Area Connection Status window, push the Properties button. This opens the Local Area Connection Properties window. In this window, open the Advanced tab, and push the Windows Firewall Settings button.

Windows Server 2003: Local Area Connection Properties - Open 'Windows Firewall settings'

This results in a dialog box with the message that Windows Firewall cannot run because the Firewall/ICS service is not running. Push the Yes button to start the service.

Windows Server 2003: Starting the 'Firewall/ICS' service

In the Windows Firewall window, turn the firewall on.

Windows Server 2003: Turning Windows Firewall on

Now open the Advanced tab. Here you can enable/disable the firewall selectively on a given network card, as well as configure the firewall for a given network card.

As I said, my Windows Server 2003 machine has 2 network adapters. Local Area Connection is connected to my IPFire firewall/router machine, thus has connection to the Internet. Obvious that the firewall has to be turned on for this adapter. Local Area Connection 2 is connected to a LAN. As I want the computers of the LAN to freely access the server machine, I disabled the firewall for this network adapter.

As I want to be able to ping my Windows Server 2003 from other parts of my network, some ICMP requests have to be authorized for the external network adapter. On the the Advanced tab of the Windows Firewall window, select Local Area Connection, and push the Settings button (note that on the screenshot, the firewall for Local Area Connection 2 is not yet disabled).

Windows Server 2003: Configuring the advanced firewall settings for the (external) network adapter

On the ICMP tab, set those ICMP requests that you want to be allowed. I did allow the following:

Incoming echo request: this allows to make "ping" requests.
Incoming router request: this allows to make "trace route" requests.
Outgoing destination unreachable: this allows to get a "destination unreachable" answer.
Outgoing time exceeded: this allows to get an answer on timeout.

Windows Server 2003: Windows Firewall - ICMP settings for the (external) network adapter

The screenshot below shows how I successfully ping the Windows Server 2003 machine from my Windows 10 laptop.

Windows Server 2003: Ping of Windows Server from a computer on the external network

If you find this text helpful, please, support me and this website by signing my guestbook.

Computing: Computer Administration

Enabling firewall on Windows Server 2003.