When we set up a greenfield Active Directory Forest and Domain, we do the following in Group Policy:
- New Group Policy Object (GPO) Linked & Enforced at the domain Level: Default Domain Security Policy
- Enable Remote Desktop Inbound: Allow users to connect remotely by using Remote Desktop
When troubleshooting an issue, the first place we can look is the Windows Firewall log:
Windows Defender Firewall with Advanced Security Log Location
There is no such thing as turning OFF the Windows Firewall. It goes into a form of limp mode, which may or may not improve the situation.
Click the log link in Monitoring and there we go: either we're going to see BLOCK entries or not, or even nothing at all if the firewall hasn't blocked anything yet.
If there are BLOCK entries, then we can work with the product vendor to set up the correct exceptions for _that_ system if it is a server, or for the clients if the block is at that end.
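To turn the blocked entries into a short list to take to the vendor, the log can be summarized by protocol, destination port and source address. The following is an added example, not part of the original post: the log file records blocked packets with the action `DROP`, the function name `Get-FirewallDropSummary` is hypothetical, and the sample lines are constructed. It assumes "Log dropped packets" is set to Yes for the profile in use, otherwise the log stays empty.

```powershell
# Added example: summarize dropped inbound packets from a Windows Firewall log.
# The sample lines are constructed; addresses are from documentation ranges.
$sample = @'
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2024-05-01 09:14:02 DROP TCP 192.0.2.10 192.0.2.50 51544 8443 52 S 1234567 0 64240 - - - RECEIVE
2024-05-01 09:14:05 DROP TCP 192.0.2.10 192.0.2.50 51544 8443 52 S 1234567 0 64240 - - - RECEIVE
2024-05-01 09:14:09 ALLOW TCP 192.0.2.11 192.0.2.50 51600 3389 0 - 0 0 0 - - - RECEIVE
2024-05-01 09:15:30 DROP UDP 192.0.2.12 192.0.2.255 137 137 78 - - - - - - - RECEIVE
2024-05-01 09:16:00 DROP TCP 192.0.2.50 198.51.100.7 49800 25 52 S 7654321 0 64240 - - - SEND
'@ -split "`r?`n"

function Get-FirewallDropSummary {
    param([string[]]$Line)

    # Column names are taken from the log's own "#Fields:" header, so the
    # parser follows the file rather than a hard-coded column order.
    $fields = $null
    $drops = foreach ($l in $Line) {
        if ($l -match '^#Fields:\s*(.+)$') { $fields = $Matches[1].Trim() -split '\s+'; continue }
        if (-not $fields -or $l -match '^\s*(#|$)') { continue }   # header, comment or blank line
        $values = $l.Trim() -split '\s+'
        if ($values.Count -lt $fields.Count) { continue }          # truncated line, skip it
        $row = [ordered]@{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $row[$fields[$i]] = $values[$i] }
        # Keep only inbound packets the firewall dropped.
        if ($row['action'] -eq 'DROP' -and $row['path'] -eq 'RECEIVE') { [pscustomobject]$row }
    }

    # One output row per protocol / destination port / source address.
    $drops | Group-Object protocol, 'dst-port', 'src-ip' | Sort-Object Count -Descending |
        ForEach-Object {
            $last = $_.Group | Select-Object -Last 1
            [pscustomobject]@{
                Count    = $_.Count
                Protocol = $_.Group[0].protocol
                DstPort  = $_.Group[0].'dst-port'
                SrcIp    = $_.Group[0].'src-ip'
                LastSeen = "$($last.date) $($last.time)"
            }
        }
}

Get-FirewallDropSummary -Line $sample | Format-Table -AutoSize
# Live system, default log location (Group Policy may set a different one):
# Get-FirewallDropSummary -Line (Get-Content "$env:SystemRoot\System32\LogFiles\Firewall\pfirewall.log")
```

On the sample this reports two dropped TCP connections to port 8443 and one dropped UDP packet to port 137. The allowed Remote Desktop connection and the outbound drop are left out.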
End the guesswork and keep clients' networks secure by keeping the Windows Defender Firewall with Advanced Security enabled and locked down for the Public profile (block all inbound by default).