- In the Group Policy Management console, right-click the policy object you want to edit, then click Edit.
- In the Group Policy Management Editor console, navigate to Computer Configuration > Policies > Administrative Templates: Policy definitions (ADMX files) retrieved from the local machine > Network > Network Connections > Windows Firewall > Domain Profile.
- Click Windows Firewall: Allow local program exceptions and click the policy setting link. Select Not configured. Click Next Setting.
- In Windows Firewall: Define inbound program exceptions, select Not configured. Click Next Setting.
- In Windows Firewall: Protect all network connections, select Enabled. Click Next Setting.
- In Windows Firewall: Do not allow exceptions, select Not Configured. Click Next Setting.
- In Windows Firewall: Allow inbound file and printer sharing exception, do the following:
- Select Enabled.
- In the Allow Unsolicited Incoming Messages From these IP address field, enter the local subnet. For greater security, you can specify the IP address of the Onsite Manager server. However, make sure that by introducing this limitation you are not impacting actions of users who are not using Barracuda RMM.
- Click Next Setting.
- In Windows Firewall: Allow ICMP exceptions, do the following:
- Select Enabled.
- Enable the Allow inbound echo request check box.
- Click Next Setting.
- In Windows Firewall: Allow logging, select Not Configured. Click Next Setting.
- In Windows Firewall: Prohibit notifications, select Not Configured. Click Next Setting.
- In Windows Firewall: Allow local port exceptions, select Not Configured. Click Next Setting.
- In Windows Firewall: Define inbound port exceptions, do the following:
- Select Enabled.
- Click the Show button. In the Show Contents dialog box, type 5985:TCP:<OM IP Address>:enabled:WinRM , where <OM IP Address> is the IP address of the site’s Onsite Manager.
- Click Next Setting.
- In Windows Firewall: Allow inbound remote administration exception, do the following:
- Select Enabled.
- In the Allow Unsolicited Incoming Messages from field, type the local subnet. For greater security, you can specify the IP address of the Onsite Manager server. However, make sure that by introducing this limitation you are not impacting actions of users who are not using Barracuda RMM.
- Click Next Setting.
- In Windows Firewall: Allow inbound Remote Desktop exceptions, do the following:
- Select Enabled.
In the Allow Unsolicited Incoming Messages From field, enter the local subnet. For greater security, you can specify the IP address of the Onsite Manager server. However, make sure that by introducing this limitation you are not impacting actions of users who are not using Barracuda RMM.
- Click Next Setting.
- In Windows Firewall: Prohibit unicast response to multicast or broadcast requests, select Not Configured. Click Next Setting.
- In Windows Firewall: Allow inbound UPnP framework exceptions, select Not Configured.
- Click OK.