Computer/User Node :
MACHINE
Policy Path :
Administrative
Templates\Network\Network Connections\Windows Firewall
Supported on :
At least Microsoft Windows XP Professional with SP2
Help/Explain Text :
Allows
unsolicited incoming messages from specified systems that authenticate using
the IPSec transport. If you enable this policy setting, you must type a
security descriptor containing a list of computers or groups of computers. If a
computer on that list authenticates using IPSec, Windows Firewall does not
block its unsolicited messages. This policy setting overrides other policy
settings that would block those messages. If you disable or do not configure
this policy setting, Windows Firewall makes no exception for messages sent by
computers that authenticate using IPSec. If you enable this policy setting and
add systems to the list, upon disabling this policy, Windows Firewall deletes
the list. Note: You define entries in this list by using Security Descriptor
Definition Language (SDDL) strings. For more information about the SDDL format,
see the Windows Firewall deployment information at the Microsoft Web site
(http://go.microsoft.com/fwlink/?LinkId=25131).
Registry Settings :
HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\ICFv4!BypassFirewall
0 التعليقات:
Post a Comment