Windows Firewall is one of the components which is enhanced greatly from windows XP to windows 7. In windows 7 it acts as two way firewall(Inbound/Outbound) with many advanced security features. This is also called as “Windows Firewall with Advanced security” in Window s7.
The more features, the more details you need it for troubleshooting issues. Since this version of firewall acts as a bi-directional one, you need good amount logging to troubleshoot network connection level issues on windows 7 and windows 2008 R2.
This article talks about how to enable this logging, location of log files, and few more options avaiLalble in logging.
Enabling Logging in Windows 7/Windows 2008 firewall.
It is pretty easy. If you want to enable on a single computer, just go to Start -> RUN -> and type wf.msc , this opens up “Windows Firewall with Advanced Security”.
Now Right click on “Windows Firewall With Advanced Security on Local Computer” and go to properties which opens below page.
Select “Customize” option under logging.
There browse for log files location where you want to place the logs and also choose the size limit for log files.
Your Logging will not start until you select “YES” for one of the following options. 1) Log dropped packets 2) Log Successful connections.
Click OK twice to complete your configuration.
This completes the configuration.
In my next post I will talk about how to analyze these logs files. Hope this information helps you.