Windows 7 / Networking

Authenticated Bypass Rules

Authenticated bypass rules are firewall rules that will allow a connection even though the existing firewall rules in Windows Firewall with Advanced Security would block the connection. Specifically, authenticated bypass rules let you block a particular type of traffic using firewall rules while allowing authenticated users or computers to bypass the block. A typical use for authenticated bypass rules is to allow network scanners and intrusiondetection systems to run on computers running Windows and to not have Windows Firewall with Advanced Security block their functionality.

Authenticated bypass rules require that the network traffic from the authorized computers be authenticated using IPsec so that identity can be confirmed. Authenticated bypass can be configured for inbound firewall rules, not outbound rules. However, you can specify override block rules in conjunction with authenticated outbound rules. The difference is that for the outbound rules, you don't have to specify remote machines, while for inbound rules you have to specify either remote machines or users.

For example, to enable authenticated bypass for the example rule discussed previously, select Override Block Rules in Figure 26-6 and then modify the filtering conditions for the rule to specify an authorized computer, user, or group of computers or users. Note that specifying users or user groups does not suffice-you must specify a computer or a computer group. Specifying only a user or user group for an inbound override block rule does not allow the rule to be configured and displays the error message "Rules that override block rules must specify at least one computer or computer group for authorization." Note also that if you do specify a computer or computer group, you may also specify users or user groups. For more information on how to configure authenticated bypass rules, see the section titled "Creating and Configuring Firewall Rules" later in this tutorial. For additional information, see http://technet.microsoft.com/en-us/library/cc753463.aspx.

[Previous] [Contents] [Next]

In this tutorial:

  1. Configuring Windows Firewall and IPsec
  2. Understanding Windows Firewall with Advanced Security
  3. Improvements to Windows Firewall Introduced Previously in Windows Vista
  4. Additional Improvements to Windows Firewall in Windows 7
  5. Understanding the Windows Filtering Platform
  6. Windows Firewall and the Startup Process
  7. Understanding Windows Service Hardening
  8. Understanding Service SIDs
  9. Windows Firewall and WSH
  10. Windows Firewall and Service Triggers
  11. Understanding Multiple Active Firewall Profiles
  12. Understanding Rules
  13. Understanding Firewall Rules
  14. Inbound vs . Outbound Rules
  15. Allow vs . Block Rules
  16. Allow If Secure Rules
  17. Authenticated Bypass Rules
  18. Filtering Conditions FOR Firewall RULES
  19. Understanding Connection Security Rules
  20. Types of Connection Security Rules
  21. Supported IPsec Settings for Connection Security Rules
  22. Default IPsec Settings for Connection Security Rules
  23. Windows Firewall and Windows PE
  24. Understanding Default Rules
  25. Understanding WSH Rules
  26. Understanding Rules Processing
  27. Managing Windows Firewall with Advanced Security
  28. Tools for Managing Windows Firewall with Advanced Security
  29. Managing Windows Firewall Using Control Panel
  30. Managing Windows Firewall Using the Windows Firewall with Advanced Security Snap-in
  31. Managing Windows Firewall Using Group Policy
  32. Considerations When Managing Windows Firewall Using Group Policy
  33. Managing Windows Firewall Using the Netsh Command
  34. Common Management Tasks
  35. Enabling or Disabling Windows Firewall
  36. Configuring Firewall Profiles and IPsec Settings by Using Group Policy
  37. Creating and Configuring Firewall Rules
  38. Creating and Configuring Connection Security Rules
  39. Monitoring Windows Firewall
  40. Troubleshooting Windows Firewall
  41. Troubleshooting Windows Firewall Using Firewall Logs
  42. Troubleshooting Windows Firewall Using Event Logs
  43. Troubleshooting Windows Firewall Using Auditing
  44. Troubleshooting IPsec Issues Using Netsh Wfp
  45. Troubleshooting Windows Filtering Platform and IPsec Issues Using Netsh Trace