Windows Networking

Recently I have learnt more about Windows Networking whilst creating Virtual Machines with VirtualBox and trying to get them to talk to each other. There are still some gaps in my understanding, however, what follows is some basic things that I will probably forget, so here goes.

Network Profile

This is in some ways they key to a lot of other things. There are three options "Home Network", "Work Network" and "Public Network", I have not examined these fully but using public means that a lot of things are blocked by default, for example, ping and netbios. In the Windows Firewall "Public Network" corresponds with the Public profile, so if you then want to allow ping on your "Private network" then you need to enable the rule "File and Printer Sharing (Echo Request - ICMPv4-In)" or "File and Printer Sharing (Echo Request - ICMPv6-In)" or indeed both rules but where the profile is private, this is an "Inbound Rule". My guess is that the firewall's domain profile corresponds with the work network but might only kick in if the computer has been joined to a domain.

Network Discovery

In short this is basically the netbios stuff. So if you can ping another machine but not resolve it's name then unless you have DNS fully configured then you will either need to modify the firewall to open the netbios ports, or choose the easy option. The easy way is to go to the "Network and Sharing Center" in the "Network and Internet" part of the Control Panel, choose "Change advanced sharing settings" on the left and turn on network discovery for your profile. This is much easier than messing with the Windows Firewall rules. The article Disabling Network Discovery/Network Resources - Microsoft Enterprise Networking Team describes how to disable this but just do the same and turn it on, if that is what you want.

Windows Firewall

It seems that "Windows Server with Advanced Security" is the tool you need to enable/disable firewall rules as well as create new ones. However when creating new rules you cannot specify a group to put all your rules together if you are creating several. In this scenario the PowerShell cmdlet New-NetFirewallRule is what you need. Not only can you script the changes you can specify a group. There is an example at PowerShell Code Snippets as well.