KB – Windows Firewall Profile
Latest tested version: 20.10
Working with the Windows Firewall Profile could be tricky. There is a undocumented behavior you need to know.
In Windows you are able to create multiple firewall rules with the same name.
Unfortunately, Workspace One UEM handels the Windows Firewall profile a little bit different.
When you create a firewall rule in Workspace One, the name is also used for the URI path. This is an issue, if there are two (or more) rules with the same name. Therefore we need to make sure to not use the same name more than once.
Behind the scenes:
As example we created a Windows firewall profile and added two rules with the same name – one for inbound and one for outbound traffic.
After that, looking into the profile XML shows, that the name was reused in the URI path:
<Replace> <CmdID>fc388928-b76a-4034-9137-6a17ecb68287</CmdID> <Item> <Target> <LocURI>./Vendor/MSFT/Firewall/MdmStore/FirewallRules/Allow%20Ping/Name</LocURI> </Target> <Meta> <Format xmlns="syncml:metinf">chr</Format> </Meta> <Data>Allow Ping</Data> </Item> </Replace>
So, the name is “Allow Ping” and also the LocURI reused the name for the rule
This profile will generate an error.
The error message in the Windows Eventer Viewer is not showing a specific error.
As you can see, this error is quite generic and will not show any error because of the duplicate URI path.
In conclusion to this behavior, make sure that the rule names are unique to avoid this error.
For more information about the Windows Firewall CSP see the Microsoft documentation.