frank419 2 Posted September 17, 2014 Share Posted September 17, 2014 Hello, I cannot for the life of me seem to resolve this simple issue. ESET firewall is blocking Powershell to my desktops. I have created a rule that allows port 5985 in both directions. Has anyone seen this, or struggled with letting powershell through the ESET firewall? Product: ESET Endpoint Security version 5.0.2228.1 Link to comment Share on other sites More sharing options...
Administrators Marcos 4,911 Posted September 17, 2014 Administrators Share Posted September 17, 2014 Does switching to learning mode for a while until all necessary rules are created automatically help? Link to comment Share on other sites More sharing options...
frank419 2 Posted September 17, 2014 Author Share Posted September 17, 2014 It did not seem to help. I actually tried that first as I think that is an awesome feature. It created a rule, but when it is no longer in learning mode, my remote powershell command no longer works. I also tried duplicating the rule made by learning mode, and made it bidirectional. Link to comment Share on other sites More sharing options...
Solution frank419 2 Posted September 17, 2014 Author Solution Share Posted September 17, 2014 I believe I have solved this issue. It took 2 things: Create a program rule for powershell_ise.exe Create a rule allowing port 9389 since my PS script check active directory Using the firewall log helped be get to the bottom of this. I will have to lean on it more, what a great log! Link to comment Share on other sites More sharing options...
jhufford 0 Posted October 10, 2014 Share Posted October 10, 2014 I believe I have solved this issue. It took 2 things: Create a program rule for powershell_ise.exe Create a rule allowing port 9389 since my PS script check active directory Using the firewall log helped be get to the bottom of this. I will have to lean on it more, what a great log! What exactly did your log show you, we have this exact same problem, we have ever port under the sun open and have it opened by application nothing fixes this issue. If we disable the firewall for ten minutes, we can connect for ten minutes. If the firewall is enabled, not only does the attempt to connect to the machine with powershell fail, it does not even generate a log entry. If you try to verify that the ports have been opened on the machine the profile was applied too, the ports do not show up in netstat -aon, or in the ESET SysInsepctor. Someone please point me in the direction of where I can find what exactly the firewall is doing when it is on versus when it is off, because we cannot find an explanation internally we our at a loss. Link to comment Share on other sites More sharing options...
Recommended Posts