You must create an allow rule. One of the following prerequisites is needed to create an allow rule:
- An IP subnet mask
Or
- A process name
Example: Subnet
192.168.173.0/24 or process name
WUDFHost.exe.
The allow rule doesn't work if you don't provide an appropriate IP subnet mask or process name when you create the rule. For example, suppose that the process name is set to
SVCHOST or the IP subnet mask is set to
0.0.0.0. In this case, the allow rule doesn't work effectively because the configured process name and the IP subnet mask aren’t accurate.
To create network rules that
WiDi can use when creating the ad hoc wireless network:
NOTES:
- You must create these rules alongside the existing rules. Don't remove any existing rules.
- If the below details don't work, review the ENS Firewall %DEFLOGDIR%\FirewallEventMonitor.log file to identify any differences related to network values or executable details that might vary.
- Verify that the Log all blocked traffic option is enabled in the Firewall Options policy under Tuning Options if log review is needed.
- Log on to the ePolicy Orchestrator (ePO) server.
- Click Policy Catalog.
- For the Product, select Endpoint Security Firewall.
- For the Category, select Rules (User-Based Policy).
- Identify the appropriate Firewall Rules policy to edit for the affected system with this issue and click the EDIT action for that policy.
- Click Add Rule to create a rule and configure the following settings:
- Name: Allow WIDI
- Status: Enable
- Actions: Allow
- Direction: Either
- Network Protocol: IP Protocol -> IPv4 protocol
- Specify networks: Click Add (Local) and add a new local network entry:
- Name: WIDI IP range
- IP address: Subnet 192.168.173.0/24
NOTE: If the above subnet doesn't work, try 192.168.16.0/24 or 192.168.179.0/24.
- Transport Protocol: All Protocols
- Application: Click Add and add new application/executable details:
- Name: WUDFHost.exe
- Executable: New
- Name: Specify networks
- Add Path/Filename that matches for WUDFHost.exe. You can also use File Description, MD5 hash, and Signer (if you want), but the details much match the executable correctly for the firewall rule to work properly.
- Save the firewall rule changes, send the updated firewall policy to the affected client, and then retest.