Xp SP2 firewall won't enable

[n5eea]

I recently did an upgrade to SP2 on an existing system. When I look at the Security Center firewall, I see the setting is currently OFF. The ON and Don't allow exceptions buttons are grey out and there doesn't seem to be any way to get them working. Clicking on them doesn't change anything.

I can add/remove exceptions however.

I have tried modifying the registry key:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

"EnableFirewall"=dword:00000000

I've tried to change the DWORD to 0 or 1, but the Windows Firewall still will not allow me to change the status.

Anyone have any ideas or suggestions?

Thanks,

Rog

[matrix0978]

Are you logged in as the administrator? or a user?

http://www.codeproject.com/w2k/Antifirewall.asp ? Does that help?

[matrix0978]

Also if your using a 3rd party firewall update it. or sometimes it will interfere with your Windows XP firewall!

http://www.tweakhound.com/xp/securitycenter/index.htm

[n5eea]

Are you logged in as the administrator? or a user?

http://www.codeproject.com/w2k/Antifirewall.asp    ? Does that help?

<{POST_SNAPBACK}>

I'm actually logged in as admin, but the issue is to be able to push a script to the desktops on a network that will allow the registry change to all SP2 machines on the network.

From the above link, this info from the site is similar to what I'm looking for:

HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\

Parameters\FirewallPolicy\StandardProfile

With a REG_DWORD value named EnableFirewall, 0 means turn off and 1 means turn on!

I also found today what may be my solution (sort of).....

HKLM\SOFTWARE\Microsoft\Security Center

Setting AntiVirusOverride will disable the warnings in the AV settings and show check in box for "I have an antivirus program I'll monitor myself". Thus no more popup on that warning and shows a status of not monitored.

Setting FirewallOverride should disable the firewall warnings as best as I can tell. Or at least it did on a test machine after rebooting it. The AntivirusOverride did not require a reboot to take affect.

Now I also have another minor issue that I'm pretty sure I created.

In the Security Center, regardless whether the Firewall is ON or OFF, if I click on the Windows Firewall icon under the Manage Security settings section, The option to manually set the firewall to on or off by clicking it with the moiuse is gone. You can see whatever it's current status is, but the text is greyed out and you can not select anything. You can however check the DOn't allow exceptions box, or go to Exceptions ot Advanced tabs and make changes in thise sections. But no ability to change anything under the General tab.

Very wierd.

I figure there is another registry key option somewhere that gives the option to enable or disable changes to the General tab settings. I just haven't found it yet.

[matrix0978]

I figure there is another registry key option somewhere that gives the option to enable or disable changes to the General tab settings. I just haven't found it yet.

Yeah i actually just saw that today. And i forgot about this post. I will try and find it again and will post it back up here!

[IcemanND]

with SP2 'netsh firewall reset' will turn the firewall back on using the settings from %windir%\inf\netfw.inf.

This is of course assuming you don't have a problem with the firewall service on the system.

I had and IBM Thinkpad which I had to install all of the updated drivers and software from IBM before installing SP2 in order to turn on the firewall.

[matrix0978]

Have you tried reinstalling windows Xp?

[n5eea]

I figure there is another registry key option somewhere that gives the option to enable or disable changes to the General tab settings. I just haven't found it yet.

Yeah i actually just saw that today. And i forgot about this post. I will try and find it again and will post it back up here!

<{POST_SNAPBACK}>

I'll be more than happy to hear back from you if you found the info. Be sure to get alink for it if you can.

[n5eea]

with SP2 'netsh firewall reset' will turn the firewall back on using the settings from %windir%\inf\netfw.inf.

This is of course assuming you don't have a problem with the firewall service on the system.

I had and IBM Thinkpad which I had to install all of the updated drivers and software from IBM before installing SP2 in order to turn on the firewall.

<{POST_SNAPBACK}>

There is no problem on the firewall/network to my knowledge. New PC's arriving with SP2 preinstalled have no problems. A AD domain exists, but the pc is in a work group and doesn't authenticate to the domain.

I tried that... it didn't work.

Also tried reinstall atl.dll and hnetcfg.dll didn't work

edited msconfig unchecked and disabled services ..... didn't work

reinstalled eventlog.dll and advapi32.dll ........ didn't work

netsh winsock reset ..... didn't work

reinstalled netfw.inf ........ didn't work

deleted sharedaccess and reinstalled from HIVE ......... didn't work

uninstalled SP2 and reinstalled ...... still doesn't work

I was on the phone with a MS tech for over 4 hours. He stated he couldn't find anything in their records for this. So maybe it's a new bug or something.

Strange this is I can turn the firewall off/on via the registry by changing the 0/1 in the following key:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

"EnableFirewall"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

"EnableFirewall"=dword:00000001

On reboot, it will show the changed state. But via the Windows Firewall GUI, I can't change stop/start. The text next to the buttons is still greyed out.

If it's set to on, the firewall does work properly.

Very wierd and frustrating.

[n5eea]

I figure there is another registry key option somewhere that gives the option to enable or disable changes to the General tab settings. I just haven't found it yet.

Yeah i actually just saw that today. And i forgot about this post. I will try and find it again and will post it back up here!

<{POST_SNAPBACK}>

I'll be more than happy to hear back from you if you found the info. Be sure to get alink for it if you can.

<{POST_SNAPBACK}>

I found the solution today!!!!

It appears to have been an issue created by the deployment configuration file for my network's SP2 upgrade. It got set initially on the patch with a -WindowsFirewallOFF flag.

In any event the fix was......

Rename the following registry key (you may be able to delete it but I was told to rename it).

HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall

Just rename the WindowsFirewall key.

On my PC that I installed SP2 as part of a Microsft Update download, this key does not exist in the registry at all.

In case you were curious, on the pc's that were affected, the registry key looked like this:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

"EnableFirewall"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

"EnableFirewall"=dword:00000000

On a non-affected system, The WindowsFirewall key and subkeys did NOT exist at all.

I hope this info may help others.

[matrix0978]

Nice find! Glad it worked out!

[blockout]

n5eea,

I am having the exact same problem with not being able to access the windows firewall and start it after installing SP2. Unfortunately the registry rename fix you provided didn't work for me. Do you have any other suggestions that I might look into?

After the SP2 install reboot, the firewall came up unmonitored and security center cannot enable it. When try to enter the firewall settings, I get the message, "Do to an unidentified problem, Windows cannot display Windows Firewall settings".

I would greatly appreciate any suggestions on how to repair this problem. All else seems to be working well. Thanks.

[blockout]

Followup,

Since nothing I tried would turn on the Windows Firewall, I uninstalled ServicePack 2.

After reboot, if I go to the network adapter properties to enable the firewall, now I get a message saying "a error occured while Internet Connection Sharing was being enabled" and "the specified service does not exist as an install service."

Can anyone help with this. Maybe if I can get this straight, when I reinstall SP2 it will allow the firewall to enable. Thanks

[fms2k8]

i have the same problem now. when ever i try to open the windows firewall settings it says..."Windows Firewall settings cat be displayed because the associated service is not running. Do you want to start the Windows Firewall/ Internet Connection Sharing (ICS) serivce?"

What does that mean? Whats the associated program? Someoe please help me. Thanks.

[blockout]

fms2k8,

After trying all the above suggestion in this thread, I finally solved my firewall problem by uninstalling service pack 2 and then doing a registry fix on this key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess

That let me enable the firewall but with service pack 1. Then I reinstalled service pack 2 and all is well.

Attached is a reg fix for it that I obtained from another site. Worked great for me but remember that this is the key from a machine with service pack 1.

Hope this info helps in some way.

HKLM_Sys_CCS_Services_SharedAccess.reg