So I am trying to configure windows firewall GPO so that only the rules that we input in GPO get applied. I don't want local administrators to be able to create/change rules locally on their machine.
When I create firewall rules under windows settings - security settings - windows defender firewall with advanced security - inbound rules, initially they were showing up correctly and they were greyed out from the user. But the local administrator could create rules on their machine.
So I have went into windows defender firewall with advanced security - properties - settings - customize - apply local firewall rules = no. But now, the rules that I created by GPO are showed greyed out and unchecked on the local machine. Is there something that I am missing? Should I be setting firewall rules here: admin templates - network - network connections - windows defender firewall - domain profile - define inbound port exceptions?
Thank you. J
JayMurfe