The "netsh firewall" command together with the "profile=all" parameter does not configure the public profile on a Windows Vista-based computer
On a Windows Vista-based computer, the netsh firewall command together with the profile=all parameter does not configure the public profile. For example, the following command opens local port 80 to TCP traffic for the domain profile and for the private profile. But the following command does not open the public profile:
netsh firewall add portopening protocol=TCP port=80 name="Web Port" profile=allThe Windows Firewall Control Panel program only displays settings for the currently active profile. Therefore, if you run this command, and you then open the Windows Firewall Control Panel program when the public profile is active, you receive the following exception:
"Web Port" was not created for the public profile.Note This is expected behavior.
If you open the Windows Firewall Control Panel program when the domain profile or the private profile is active, you will receive the following exception:
"Web Port" was created.
The netsh firewall command-line tool is used to configure Windows Firewall on a local computer. This command provides the functionality that was supported by Windows Firewall in versions of Windows that are earlier than Windows Vista. The netsh firewall context will continue to function on Windows Vista. However, this command cannot fully configure many new features, such as the public profile.
The new netsh context is the netsh advfirewall command-line tool. This command fully supports the domain profile, the private profile, and the public profile. To work around this issue, use the netsh advfirewall context instead of the netsh firewall context.
Profiles in versions earlier than Windows VistaIn versions of Windows that are earlier than Windows Vista, Windows Firewall supported the following two profiles:
- The domain profile: This profile applies when all interfaces on the computer are connected to the domain of which it is a member.
- The standard profile: This profile applies the rest of the time.
netsh firewall add portopening protocol=TCP port=80 name="Web Port" profile=all
Profiles in Windows VistaIn Windows Vista, profile support has been extended to include the following three profiles:
- The domain profile: The domain profile applies when all interfaces are connected to domain locations. A network is automatically considered as a domain network location type when the network is authenticated to the domain of which it is a member.
- The private profile: The private profile applies when at least one interface is connected to a private network location, and any additional interfaces are connected to either private or domain locations. A local administrator can classify a non-domain network as private. The private network location type is intended for use in the home or in the small office when it is connected behind an edge device such a router.
- The public profile: The public profile applies when an interface is connected to a public network location. Any network is considered a public network when the network is not connected to the domain, and a local administrator has not specified the network as private. The public network location is intended for use in locations such as airports or coffee shops.
When you specify the profile=current parameter, the exception for the public profile is created if the current profile is the public profile. This is not the case when you specify the profile=all parameter. This behavior is intended to maintain application compatibility. For example, when the public profile is the active profile at the time that the command is run, the following command opens local port 80 to TCP traffic for the public profile:
netsh firewall add portopening protocol=TCP port=80 name="Web Port" profile=current
Article ID: 947213 - Last Review: 02/01/2008 18:04:03 - Revision: 1.1
Windows Vista Enterprise 64-bit Edition, Windows Vista Home Basic 64-bit Edition, Windows Vista Home Premium 64-bit Edition, Windows Vista Ultimate 64-bit Edition, Windows Vista Business, Windows Vista Business 64-bit Edition, Windows Vista Enterprise, Windows Vista Home Basic, Windows Vista Home Premium, Windows Vista Starter, Windows Vista Ultimate
- kbtshoot kbexpertisebeginner kbprb KB947213