I have an environment where we have a GPO which we have set on all profiles to have the setting:
Apply local firewall rules: No
I've confirmed that the GP is applied successfully by using gpresult/rsop.
On occasion, a block rule will be added to the system locally by MPSSVC which prevents my customer's application from working. We also have an explicit allow rule for the same process which is added by GPO. We can manually remove the block rule but it eventually comes back.
How is this rule getting added despite having the GPO in place for no local firewall rules?
Best Answer
The documentation says that this setting is used when the user "clicks Allow on the notification message".
It's working as intended, Microsoft never said that the rules created by "something else" will not be applied.
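
To see where a recurring block rule is stored and what created it, the following PowerShell check can be run on an affected machine. It is an added example, not part of the original question or answer; the application path is a placeholder, and the event log query assumes the default Windows Firewall operational log is enabled.

```powershell
# Added example. $AppPath is a placeholder for the affected application's executable.
$AppPath = 'C:\Path\To\App.exe'
$leaf    = Split-Path $AppPath -Leaf

# 1. Per-profile settings in the ActiveStore (the combined policy currently applied).
#    AllowLocalFirewallRules corresponds to "Apply local firewall rules";
#    NotifyOnListen controls the notification message shown when a program is blocked.
Get-NetFirewallProfile -PolicyStore ActiveStore |
    Select-Object Name, Enabled, AllowLocalFirewallRules, NotifyOnListen |
    Format-Table -AutoSize

# 2. Block rules for the program in the local store (PersistentStore).
#    Match on the file name because stored paths may use environment variables.
$localBlocks = Get-NetFirewallRule -PolicyStore PersistentStore -Action Block |
    Where-Object {
        ($_ | Get-NetFirewallApplicationFilter).Program -like "*$leaf"
    }
$localBlocks |
    Select-Object Name, DisplayName, Direction, Profile, Enabled |
    Format-Table -AutoSize

# 3. Rules for the program in the ActiveStore, with the store each one came from
#    (for example Local or GroupPolicy) and its enforcement status.
Get-NetFirewallRule -PolicyStore ActiveStore |
    Where-Object {
        ($_ | Get-NetFirewallApplicationFilter).Program -like "*$leaf"
    } |
    Select-Object DisplayName, Action, PolicyStoreSourceType, EnforcementStatus |
    Format-Table -AutoSize

# 4. Rule-added events (ID 2004) that mention the program. The message text
#    includes the rule name and the application that modified the rule set.
Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-Windows Firewall With Advanced Security/Firewall'
        Id      = 2004
    } -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -like "*$leaf*" } |
    Select-Object -First 10 TimeCreated, Message |
    Format-List
```

Comparing the output of steps 2 and 3 shows whether the local block rule is only stored or is also being enforced alongside the GPO allow rule.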