Problem? Solved.

«
»

Can not enable Windows Firewall

Posted by david on June 17th, 2007

I ran across this issue while working at a customer site.

Symptoms

  1. When you open Services.msc applet, the Windows Firewall/Internet Connection Sharing (ICS) service may not be available in the listing
  2. Windows Firewall/Internet Connection Sharing (ICS) service is available in Services listing, but you are unable to start the service
  3. You receive the following error message while accessing the firewall settings (firewall.cpl)

Due to an unidentified problem, Windows cannot display Windows Firewall settings.

Solution

I found the solution at http://windowsxp.mvps.org/sharedaccess.htm and restated the solution here in case the other site is unavailable. If Windows Live OneCare is installed, you may ignore the error message. OneCare uses it’s own firewall.

Cause

A missing or corrupt SharedAccess registry key.

Resolution

Create a .REG file containing the following:

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccess]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccess]
"DependOnGroup"=hex(7):00,00
"DependOnService"=hex(7):4e,00,65,00,74,00,6d,00,61,00,6e,00,00,00,57,00,69,00,
  6e,00,4d,00,67,00,6d,00,74,00,00,00,00,00
"Description"="Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network."
"DisplayName"="Windows Firewall/Internet Connection Sharing (ICS)"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,
  74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,
  00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,
  6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"ObjectName"="LocalSystem"
"Start"=dword:00000002
"Type"=dword:00000020

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessEpoch]
"Epoch"=dword:00002cd0

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,
  69,00,70,00,6e,00,61,00,74,00,68,00,6c,00,70,00,2e,00,64,00,6c,00,6c,00,00,
  00

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicy]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplications]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList]
"%windir%system32sessmgr.exe"="%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplications]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]
"%windir%system32sessmgr.exe"="%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessSetup]
"ServiceUpgrade"=dword:00000001

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessSetupInterfacesUnfirewalledAtUpdate]
"All"=dword:00000001

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessEnum]
"0"="RootLEGACY_SHAREDACCESS000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

Then double-click the .REG file to merge the contents to the registry. The Services entry will be created. Restart Windows (mandatory step, otherwise the following NETSH command will display an error message).

After restarting Windows, run this from Command Prompt (cmd.exe)

   NETSH FIREWALL RESET

Launch firewall applet from Control Panel, and then configure your Windows Firewall settings.

If none of the above methods help, as a last-resort solution (before reinstalling Windows XP Service Pack 2), give these two commands a try. Click Start, Run and type:

   rundll32 setupapi,InstallHinfSection Ndi-Steelhead 132 %windir%infnetrass.inf

Restart Windows, and then run this command (from Command Prompt):

   NETSH FIREWALL RESET

Attempt to start Firewall applet. Start the Windows Firewall service when prompted.

This entry was posted on Sunday, June 17th, 2007 at 2:16 pm and is filed under Knowledge Base. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

«
»