Communicating between subnets fails

techtester-m

@johnpoz Some devices are not used by me or controlled by me and other family members don't understand computers/IT as I do and so they can download malware, click on ads, spam emails etc. I don't wanna mess with their hosts' firewall or antivirus. They also use Windows while I use Mac OS which is more secure.

Anyway, do you know where on the Windows firewall I allow other subnets to connect? Is it exactly like "remote desktop"? I'm searching the web for the solution anyway....

johnpoz

Do want to allow ping only?

Its listed under file and print sharing for some crazy reason - icmpv4 in, echo request.. Allow the ip ranges you want, ie your lan network under scope, or just say any..

As to messing with family computers.. That some "user" manages and runs shit on... Oh look I won an IPad if I click here because Im the millionth vistor ;)

Yeah put that at on their own isolated vlan that can not talk your stuff, simple solution there for sure ;) Treat that whole segment as just plain hostile..

techtester-m

@johnpoz said in Communicating between subnets fails:

Do want to allow ping only?

Not just ping but any access (TCP/UDP), accessing shared folders etc.

@johnpoz said in Communicating between subnets fails:

Yeah put that at on their own isolated vlan that can not talk your stuff, simple solution there for sure ;) Treat that whole segment as just plain hostile..

That's what I do anyway. I isolate the 'core' of the network and the important stuff including my network but still don't want their computers to be completely vulnerable even at the local level where an antivirus might stop some malware.

johnpoz

@techtester-m said in Communicating between subnets fails:

Not just ping but any access (TCP/UDP), accessing shared folders etc.

Well then either turn if off.. Or you have to allow every specific protocol you want to allow ;) Or create an any rule, which if you have a any rule - why is it even on ;)

If your going to allow access to every service that box is running, why would you need to run firewall on the host sucking up resources, slowing down the connections.

You need to run a firewall when you want to say allow IP X, but block IP Y from talking to Z service. If your going to allow everything to talk to whatever service is running - what is the point of the firewall?

techtester-m

@johnpoz Sorry but please bare with me I f*ing hate Windows. The PC is running Windows 10 and I can't find it lol
How do I get to these properties? Every thing I click keeps sending me to this window or a similar irrelevant one...

johnpoz

go to your control panel and firewall - advanced.

techtester-m

@johnpoz Sorry again...I need to mess with firewall inbound/outbound rules again? WTH?! What am I freaking missing here and why is it so different than your screenshot? Is your screenshot from a different version of Windows?