Reset local Firewall configuration on Azure VM

Have you ever been in a situation where you cannot connect to your Azure VM anymore although your NSG and Azure Firewall rules are set up correctly?
The culprit might be your local Windows Firewall, which can inadvertently block access.

In this blog post, we will explore a simple yet effective solution to address this issue and restore connectivity to your Azure VM

Fixing the issue through the Azure Portal

  1. Navigate to the Azure Portal and access the VM blade.
  2. Click on “Run Command” and select “RunPowerShellScript”.
  3. Copy and paste the following commands into the provided field
  4. Execute the commands and reboot the VM once the process is complete. You should now be able to connect to your VM again

Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile' -name "EnableFirewall" -Value 0
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile' -name "EnableFirewall" -Value 0
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\Standardprofile' -name "EnableFirewall" -Value 0 

Use RunCommand using PowerShell

If you prefer using PowerShell, follow these steps after logging in to Azure and selecting the appropriate subscription. Replace the placeholder with the Resource Group in which your Virtual Machine is deployed and your Virtual Machine name.

Running the above script will reset the local firewall settings to default and restart the VM.

## Use this script to reset local Firewall settings to default on an Azure VM with RunCommand
## This script will reset the local firewall settings to default and restart the Virtual Machine. This will not affect the NSG settings.

$vmrg = "Placeholder" # Resource Group of the VM
$vmname = "Placeholder" # Name of the VM

$script = "Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile' -name EnableFirewall -Value 0 -verbose
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile' -name EnableFirewall -Value 0 -verbose
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\Standardprofile' -name EnableFirewall -Value 0 -verbose"

Invoke-AzVMRunCommand -ResourceGroupName $vmrg -VMName $vmname -CommandId 'RunPowerShellScript' -Scriptstring $script -verbose
Restart-AzVM -ResourceGroupName $vmrg -Name $vmname -verbose

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *