Fortinet white logo
Fortinet white logo

EMS Administration Guide

Configuring Windows firewall domain profile settings

Configuring Windows firewall domain profile settings

To configure Windows firewall domain profile settings:
  1. In the Group Policy Management Editor, in the left panel, go to Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile.
  2. Select Allow inbound file and printer sharing exception:
    1. Right-click and select Edit.
    2. Enable the radio button.
    3. Provide the FortiClient EMS IP address in the text box.
    4. Allow unsolicited incoming messages from these IP addresses.
    5. Click OK.
  3. Select Allow inbound remote administration exception. Repeat steps listed in step 2 above to create an exception.
  4. Select Allow ICMP Exceptions:
    1. Right-click and select Edit.
    2. Enable the radio button.
    3. Select the Allow inbound echo request checkbox.
    4. Click OK.

To deploy the group policy manually, execute gpupdate /force on the Active Directory (AD) server to update the group profile on all endpoints.

Execute gpresult.exe /H gpresult.html on any AD client to view the group policy deployed on the endpoints.

Configuring Windows firewall domain profile settings

Configuring Windows firewall domain profile settings

To configure Windows firewall domain profile settings:
  1. In the Group Policy Management Editor, in the left panel, go to Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile.
  2. Select Allow inbound file and printer sharing exception:
    1. Right-click and select Edit.
    2. Enable the radio button.
    3. Provide the FortiClient EMS IP address in the text box.
    4. Allow unsolicited incoming messages from these IP addresses.
    5. Click OK.
  3. Select Allow inbound remote administration exception. Repeat steps listed in step 2 above to create an exception.
  4. Select Allow ICMP Exceptions:
    1. Right-click and select Edit.
    2. Enable the radio button.
    3. Select the Allow inbound echo request checkbox.
    4. Click OK.

To deploy the group policy manually, execute gpupdate /force on the Active Directory (AD) server to update the group profile on all endpoints.

Execute gpresult.exe /H gpresult.html on any AD client to view the group policy deployed on the endpoints.