In this lecture, I am going to be showing you how to create Firewall Rules with Group Policy.

Now, you don’t have a need to just open firewall ports on your domain so in this lecture, we are just going to be opening the ports 1234 and we are going to deploy to the domain, we are going to test it in our computers, and we are going to see how it works and how you can do it inside of your domain.

Always remember to open just the ports you need.

Steps:

1. In IPDC01 open Server Manager > Tools > Group Policy Management.
2. Create a New GPO, Under the specified OU Domain Computers. Name it Firewall - Test 1234.

3. Now we go into our GPO and Edit it by right-clicking on it.

NOTE: Firewall Settings is a Computer Configuration. When you create the GPO you need to link it to OUs that contain computer accounts.

4. Head over to Computer Configuration (Firewall settings are based on PC OU).
5. Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security.

6. Click into Windows Firewall. Now we can set Inbound/Outbound and Connection Security Rules. The rules are the same configuration for Inbound and Outbound.
7. We can also adjust top-level firewall rules:

8. Go to Inbound Rules > Right Click > New Rule
9. Choose Port > Next > Select UDP/TCP and Type in the required port:

10. Under Action > Allow > Under Profile > Select profiles > Next > Name the rule Test 1234:

11. Now the setting is good.
12. Let's check on our Computer, remember to run gpupdate /force, let's confirm that settings are good to go, we open RSOP.MSC on a member server, you may want to look for it as we did when creating the GPO, but you will notice it is not there.

13. The firewall will be under Administrative Templates > Extra Registry Settings. See your GPO rules here:

That is how you apply a Firewall Policy to your domain computers with a Group Policy Object.