Windows 10: Windows 10/11 Clients Defender does not act according to GPO created outbound firewall rules.

Windows 10/11 Clients Defender does not act according to GPO created outbound firewall rules.We noticed that our current Windows 10 and 11 Clients do not adhere to outbound firewall rules set via GPO.I tried a similar szenario in Hyper-V.Using Windows Server 2022 EVAL as DC and a Windows 10 22H3 Client.This environment was completely stock and the result is the same.The GPO get's applied,Windows Defender Firewall on the client does show the created rules.However they do not work.It's alsow not possible to querry those rules via Powershell, they don't show up.Creating the rules manualy works no

:)

 

Windows Firewall Outbound rules

Hi Matthew,

Welcome to Microsoft Community.

I'm Hahn and I'm here to help you with your concern.

Outbound rules are used to control the network traffic that originates from your device and goes to another device on the network or the internet. By default, Windows Firewall allows all outbound network traffic, unless it matches a rule that prohibits the traffic.



If you want to block or allow a specific program or port to communicate outbound, you need to create a custom outbound rule. You can do this by following these steps: Configure firewall rules with group policy - Windows Security | Microsoft Learn



Unfortunately, Windows Firewall Outbound rules issue is not supported on the Microsoft Answers forum. It is more suitable for publishing on Microsoft Learn (English only), you can click on "Ask a question", there are experts who can provide more professional solutions in that place.



Here is a link: Windows 10 Security - Microsoft Q&A to the forum where you can raise specific scenarios and share your idea to help solve the problem.



I won't be able to help you, but I'll leave that question open in case one of our amazing volunteers has ideas for you.



Your Sincerely

| Microsoft Community Support Specialist

 

Add Store apps to Windows Firewall outbound rule

Hello,

I have changed Windows Firewall to block outbound connections.

I had no problem configuring outbound rules to allow classic applications accessing the internet.

I have tried adding the following two rules, but it does not work:

• %ProgramFiles%\WindowsApps\Microsoft.WindowsStore_22210.1401.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
  
• C:\Windows\System32\RuntimeBroker.exe
  

I receive the next error when trying to use Windows Store:

You'll need the Internet for this.

It doesn't look like you're connected to the Internet. Check your connection and try again.

0x800704cf

I am aware of the answer bellow, but it does not work:

Redirecting

For example, Feedback Hub is marked as allowed but the same error is displayed when trying to use the app.

How do I create outbound rules for Windows Store apps in Windows Firewall?

 

Windows Firewall Outbound rules

I set windows firewall to block all inbound and outbound connections on all profiles (Public, Domain, and Private). I then created an outbound rule for one specific program that i want to allow through. I am looking at 2 computers, both with the exact same firewall rules. One works and one doesn't.

I have tried creating another rule to allow all outbound connections to that local server's IP address. I still cant hit that server. It's almost like sometimes the outbound connections blocked in the profile is taking precedence over the rules i have created.

I have set many computers up this way and have the same issue until it magically starts working. Again the rules are all the same. The actual error i get from the application is a .net error stating: An attempt was made to access a socket in a way forbidden by its access permissions (server IPort)

Not sure what is happening here or why it works sometimes, and sometimes it doesn't. As far as i know. I shouldn't have to allow services through, just the program should be enough, and it has been enough for the other computers currently working with this setup.