The server acts as an Internet connection gateway for LAN users. When the personal firewall service is running, users cannot connect to the Internet, even if no policy has been deployed. Connections work only when the service is stopped and/or disabled.
This case is similar to the issue with the Common Firewall on VMware machines, where the host operating system (OS) forwards packets to the VMware machine's IP and not to the IP of the host OS. As a result, the packets do not match any rule in the host OS's personal firewall and fall through to the anchor rule. Unfortunately, our anchor rule is DENY, so the VMware machine's incoming packets are dropped.
In this case, the server forwards packets from the LAN to the Internet. These forwarded packets likewise match no rule and fall through to the DENY anchor rule, so all of them are blocked.
To resolve this issue:
- Open the Registry Editor (regedit.exe).
  Always back up the whole registry before making any modifications. Incorrect changes to the registry can cause serious system problems.
- Look for the [HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\PFW] registry key.
- Add the following registry value:
  "EnableGlobalPfwBypassRule" value = 1
  where: 1 = enable; 0 = disable (default)
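The same steps as a script, for repeating the change on several servers. This is an added example and not vendor-supplied code. It exports only the PFW key before changing it, so it does not replace the full registry backup mentioned above. The DWORD value type and the backup file location are assumptions, since the page does not state them.

```powershell
# Added example: back up the PFW key, set EnableGlobalPfwBypassRule, verify.
# Run from an elevated PowerShell session on the affected server.
$ErrorActionPreference = 'Stop'

$regPath   = 'HKLM:\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\PFW'
$regNative = 'HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\PFW'
$valueName = 'EnableGlobalPfwBypassRule'

# Assumption: backup file name and location are chosen for this example.
$backup = Join-Path $env:TEMP ("PFW-backup-{0:yyyyMMdd-HHmmss}.reg" -f (Get-Date))

# Stop before touching anything if the key is not where the article says it is.
if (-not (Test-Path $regPath)) {
    throw "Key not found: $regPath. Nothing was changed."
}

# Export the key so the change can be rolled back by importing the .reg file.
& reg.exe export $regNative $backup /y | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw "Backup of $regNative failed. Nothing was changed."
}

# Record the previous state (empty if the value did not exist yet).
$before = (Get-ItemProperty -Path $regPath -Name $valueName `
           -ErrorAction SilentlyContinue).$valueName

# Assumption: the value is a DWORD; 1 = enable, 0 = disable (default).
New-ItemProperty -Path $regPath -Name $valueName `
    -PropertyType DWord -Value 1 -Force | Out-Null

# Read the value back to confirm the write succeeded.
$after = (Get-ItemProperty -Path $regPath -Name $valueName).$valueName
if ($after -ne 1) {
    throw "Verification failed: $valueName is '$after', expected 1."
}

[pscustomobject]@{
    Key      = $regNative
    Value    = $valueName
    Previous = if ($null -eq $before) { '(not set)' } else { $before }
    Current  = $after
    Backup   = $backup
}
```

To roll back, import the exported file with `reg.exe import` or set the value to 0.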