Windows 10: Windows Firewall block outbound?

Anyone ever manage to put together a working windows firewall policy to block outbound traffic to private & public networks on Windows 10? We're working on Always On VPN, using a device tunnel & 'ForceTunnel'. Microsoft defines 'ForceTunnel' as: All traffic except for local traffic must go over the tunnel. We have a security & content protection requirement to block all private/public traffic except for wifi captive portals.

I keep running into blockers surrounding network location awareness. All documentation is 10 years plus old. If anyone has one and is willing/able to share an export of their policy, I'd be forever grateful!

submitted by /u/QuistyTreppe
[link] [comments]

:)

 

Windows 10 Firewall - outbound 'block all' causes Windows to need Re-activating after a while

Hi,

I wonder if anyone could help me please? I am rather security conscious and go a step further than most people - I BLOCK all OUTBOUND firewall connections BY DEFAULT. I then create specific 'allow' rules to allow each friendly application through my firewall
to access the internet. This is to:

a) Protect my system from initiating mysterious outbound connections all over the internet from apps preinstalled that I have no idea do what. Hopefully this would also ensure my computer was never used as an internet bot (if it got compromised).

b) Allows me to control every application that 'I' know and pre-approve that application accessing the internet.

c) Seems a sensible, and wise thing to do.

d) Saves data transmissions costs when I'm paying for the internet connection (I want to use my allowance on what I want to do).

Hopefully the above doesn't seem unreasonable?

It's all been working perfectly for two weeks, when I was surprised to find that Windows 10 requires re-activation when it can't 'call home'. I have spent three hours of quality of time with Microsoft call centre, but haven't found anyone who knows what
blocking outbound firewall connections actually means. I was lucky enough to get them to reactivate my genuine copy of windows after much haggling and persuasion (phew!). But my outbound firewall blocking is definitely causing problems/complications that
Windows doesn't like.

I would like to please ask, I have Googled (or should I say Bing'd) this topic, but there's not much (ZERO) out there on:

1) What minimum list of applications does Windows require for OUTBOUND firewall connectivity. For instance there's lots that can AND SHOULD be blocked by default (Adobe Reader needs outbound connectivity by default? - I think not!).

2) For Windows Upgrade to work (inc online Activation / checkup) what applications / services need to 'call home' on a regular basis (so that I can create outbound rules that work just for those).

3) Windows Firewall logging is abysmal - it's not user friendly to decipher when it's blocking stuff that's requesting access. Plus there's no notifications.

4) Some people are suggesting allowing svchost.exe outbound access, but that seems to be a catchall for lots of applications to access the internet.

Thank you for your time reading this and replying if you're an absolute wizard on Windows Firewall )

 

Windows Firewall blocking websites

I have blocked IP addresses, e.g. 255.255.255.255, not URLs, e.g. somewebsite.co m.

As far as unblocking, look at your Windows Firewall rules. Do you see anything that is blocked? If you do, click on the Scope tab and see what is listed there.

 

Cant find windows updates with outbound blocking on.

When I enable outbound blocking in the windows firewall on windows 10 and attempt to check for updates I get the following message.

"We couldn't connect to the update service. We'll try again later, or you can check now. If it still doesn't work, make sure you're connected to the Internet."

I have created a rule to allow the wuauserv service through the firewall like I did previously with windows 7. Since it works works with outbound blocking disabled I am assuming there is something else I need to allow through the firewall but I cannot figure
out what.