Outbound Connections: Allow ... Applications still blocked!
Hi All, We have a GPO that applies to all of our Windows 7 workstations stating that outbound connections are allowed. In our environment that seems safe enough. However, I still get complaints that certain outbound connections are being blocked. Today, I see on my own workstation a message that VMware was blocked. How can that be? Here is the GPResult; below that is the FW message... TIA!
April 23rd, 2012 3:21pm

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004813

Troubleshooting blocked inbound network traffic on Windows Vista or later after installing a VMware product

Purpose

This article describes how to re-establish inbound network traffic to a computer running Microsoft Vista SP1, Server 2008, or Windows 7 that used to receive this traffic but is no longer able to after a VMware product was installed.

Resolution

In some cases, the installation of a VMware product to a computer with a Microsoft Vista or later operating system prevents all inbound networking traffic from reaching the computer. This is caused by the Windows Firewall assigning the VMware virtual NICs to the Public network.
April 23rd, 2012 3:36pm

OK, something else weird. Please help! I have been running the command:

netsh advfirewall firewall show rule name=All verbose

What I see is a lot of rules that:

- Are not shown in the GPO editor for the firewall GPO
- Are not shown in the local policy editor
- Appear to be created by Microsoft and VMware
- Appear to let anything in. Scary!

Like these...

Rule Name: VMware Authd
----------------------------------------------------------------------
Enabled: Yes
Direction: In
Profiles: Domain
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: UDP
LocalPort: Any
RemotePort: Any
Edge traversal: No
Action: Allow

Rule Name: VMware Authd
----------------------------------------------------------------------
Enabled: Yes
Direction: In
Profiles: Domain
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: TCP
LocalPort: Any
RemotePort: Any
Edge traversal: No
Action: Allow

Rule Name: Windows Media Player x86 (UDP-In)
----------------------------------------------------------------------
Enabled: Yes
Direction: In
Profiles: Domain
Grouping: Windows Media Player
LocalIP: Any
RemoteIP: Any
Protocol: UDP
LocalPort: Any
RemotePort: Any
Edge traversal: No
Action: Allow

Rule Name: Java(TM) Platform SE binary
----------------------------------------------------------------------
Enabled: Yes
Direction: In
Profiles: Domain
Grouping:
LocalIP: Any
RemoteIP: Any
Protocol: TCP
LocalPort: Any
RemotePort: Any
Edge traversal: Defer to user
Action: Allow

Rule Name: Hyper-V Management Clients - WMI (Async-In)
----------------------------------------------------------------------
Enabled: Yes
Direction: In
Profiles: Domain,Private,Public
Grouping: Hyper-V Management Clients
LocalIP: Any
RemoteIP: Any
Protocol: TCP
LocalPort: Any
RemotePort: Any
Edge traversal: No
Action: Allow
April 24th, 2012 7:27pm
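
An added example, not part of the original thread: a small Python audit that parses saved output of the netsh command quoted above and lists the enabled inbound allow rules that have no remote-address or local-port restriction, noting which of them also apply on the Public profile or permit edge traversal. The rule names and the sample text are constructed for illustration and use only the fields shown in the post.

```python
# Constructed sample in the field layout of
# `netsh advfirewall firewall show rule name=all verbose` (rule names are made up).
TEMPLATE = """Rule Name:       {0}
----------------------------------------------------------------------
Enabled:         {1}
Direction:       {2}
Profiles:        {3}
Grouping:
LocalIP:         Any
RemoteIP:        {4}
Protocol:        TCP
LocalPort:       {5}
RemotePort:      Any
Edge traversal:  {6}
Action:          Allow
"""
SAMPLE = "\n".join(TEMPLATE.format(*row) for row in [
    ("Example App A", "Yes", "In", "Domain", "Any", "Any", "No"),
    ("Example App B", "Yes", "In", "Domain,Private,Public", "Any", "Any", "Defer to user"),
    ("Example Scoped Service", "Yes", "In", "Domain", "LocalSubnet", "443", "No"),
    ("Example Disabled App", "No", "In", "Domain", "Any", "Any", "No"),
    ("Example Outbound App", "Yes", "Out", "Domain", "Any", "Any", "No"),
])

def parse_rules(text):
    """Split netsh rule output into one dict of field -> value per rule."""
    rules, current = [], None
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:                      # separator rows and blank lines carry no field
            continue
        if key.strip() == "Rule Name":   # each "Rule Name:" line starts a new rule
            current = {}
            rules.append(current)
        if current is not None:
            current[key.strip()] = value.strip()
    return rules

def broad_inbound_allows(rules):
    """Enabled inbound allow rules with no remote-address or local-port limit."""
    wanted = {"Enabled": "Yes", "Direction": "In", "Action": "Allow",
              "RemoteIP": "Any", "LocalPort": "Any"}
    return [r for r in rules if all(r.get(k) == v for k, v in wanted.items())]

def report(rules):
    """Rows of (name, profiles, applies on Public, edge traversal not 'No')."""
    return [(r["Rule Name"], r["Profiles"], "Public" in r["Profiles"].split(","),
             r.get("Edge traversal", "No") != "No")
            for r in broad_inbound_allows(rules)]

if __name__ == "__main__":
    for row in report(parse_rules(SAMPLE)):
        print(row)
```

To audit a workstation, redirect the netsh command's output to a text file and pass the file's contents to `parse_rules` in place of `SAMPLE`.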

This topic is archived. No further replies will be accepted.
