Use this tab to configure the profiles and interface types to which this firewall rule will be applied.
To get to this tab |
-
In the Windows Firewall with Advanced Security MMC snap-in, in either Inbound Rules or Outbound Rules, double-click the firewall rule you want to modify, and then click the Advanced tab.
Profiles
A profile is a way of grouping settings, such as firewall rules and connection security rules, that are applied to the computer depending on where the computer is connected. Windows determines a network location type for each network adapter, and then applies the corresponding profile to that network adapter. On computers running this version of Windows, there are three profiles recognized by Windows Firewall with Advanced Security.
Profile | Description |
---|---|
Domain |
Applies when a computer is connected to a network that contains an Active Directory domain controller in which the computer's domain account resides. |
Private |
Applies when a computer is connected to a network in which the computer's domain account does not reside, such as a home network. The private profile settings should be more restrictive than the domain profile settings. A network is assigned the private type by a local administrator. |
Public |
Applies when a computer is connected to a domain through a public network, such as one available in airports and coffee shops. The public profile settings should be the most restrictive because the computer is connected to a public network where the security cannot be as tightly controlled as it is in an IT environment. By default, newly discovered networks are assigned the public type. |
Notes | |
|
Interface types
Click Customize to specify the interface types to which the connection security rule applies. The Customize Interface Types dialog box allows you to select All interface types or any combination of Local area network, Remote access, or Wireless types.
Edge traversal
Edge traversal allows the computer to accept unsolicited inbound packets that have passed through an edge device, such as a network address translation (NAT) router or firewall.
Notes | |
|
Select one of the following options from the list:
Block edge traversal (default)
Prevent applications from receiving unsolicited traffic from the Internet through a NAT edge device.
Allow edge traversal
Allow applications to receive unsolicited traffic directly from the Internet through a NAT edge device.
Defer to user
Let the user decide whether to allow unsolicited traffic from the Internet through a NAT edge device when an application requests it.
Defer to application
Let each application determine whether to allow unsolicited traffic from the Internet through a NAT edge device.