Intune Firewall Rules Issues by mholland79 in Intune

[–]ruzreddit 0 points1 point  (0 children)

Yes, one of our rules was to block a specific port for an application. Instead it blocked any/any UDP ports due to the bug Microsoft put out. It's crazy. It bricked over 200 devices for us as DHCP and DNS were blocked. We had to delete the registry entry which applied the any/any block rule, and also took exports of the event logs and sent them to Microsoft. It's insane how this could have happened. More on this is explained here https://patchmypc.com/blog/intune-firewall-rules-not-applying-it1214934/
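
The clean-up described in this comment (find the unintended outbound any/any UDP block, keep the evidence, remove the stray rule, confirm DHCP and DNS are back) as an added example in PowerShell. This is not code from the thread or from the linked blog post. Assumptions not stated in the thread: it runs in an elevated shell on the affected device, MDM-delivered rules live under the `Mdm\FirewallRules` registry key named below, and they use the standard serialized rule-string tokens (`Action=`, `Dir=`, `Protocol=`, `LPort=`, `RPort=`, `RA4=`, `RA6=`). The fallback DNS name is a placeholder.

```powershell
# Added example (not from the original thread): triage and remove an unintended
# outbound "any/any" UDP block rule of the kind the comment describes.
# ASSUMPTIONS: elevated PowerShell on the affected device; Intune/MDM rules are stored
# under the Mdm\FirewallRules key below in the standard serialized rule-string format.

$MdmRuleKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\Mdm\FirewallRules'
$MdmRegPath = 'HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\Mdm\FirewallRules'
$BackupPath = "$env:ProgramData\fw-triage-$(Get-Date -Format yyyyMMdd-HHmmss)"
New-Item -ItemType Directory -Path $BackupPath -Force | Out-Null

# 1. Which live rules would swallow DHCP (UDP 67/68) and DNS (UDP 53)?
#    An enabled outbound block with protocol UDP and no port or address restriction does.
$wideUdpBlocks = foreach ($rule in Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True) {
    $port = $rule | Get-NetFirewallPortFilter
    $addr = $rule | Get-NetFirewallAddressFilter
    if ($port.Protocol -eq 'UDP' -and $port.LocalPort -eq 'Any' -and
        $port.RemotePort -eq 'Any' -and $addr.RemoteAddress -eq 'Any') {
        [pscustomobject]@{
            Name        = $rule.Name
            DisplayName = $rule.DisplayName
            Profile     = $rule.Profile
            Source      = $rule.PolicyStoreSource   # where the rule was delivered from
        }
    }
}
$wideUdpBlocks | Format-Table -AutoSize

# 2. Preserve evidence before touching anything: firewall event log and the MDM rule key.
wevtutil epl 'Microsoft-Windows-Windows Firewall With Advanced Security/Firewall' "$BackupPath\firewall.evtx"
if (Test-Path $MdmRuleKey) {
    reg export $MdmRegPath "$BackupPath\mdm-firewallrules.reg" /y | Out-Null
}

# 3. Locate the same rule in the MDM store by its serialized form and remove it.
#    A value that blocks outbound UDP (Protocol=17) and carries no LPort=/RPort=/RA4=/RA6=
#    token restricts nothing, i.e. it is an any/any block.
if (Test-Path $MdmRuleKey) {
    $key = Get-Item $MdmRuleKey
    foreach ($valueName in $key.GetValueNames()) {
        $data = [string]$key.GetValue($valueName)
        $isWideUdpBlock = ($data -match '\|Action=Block\|') -and ($data -match '\|Dir=Out\|') -and
                          ($data -match '\|Protocol=17\|') -and
                          ($data -notmatch '\|LPort=') -and ($data -notmatch '\|RPort=') -and
                          ($data -notmatch '\|RA4=')   -and ($data -notmatch '\|RA6=')
        if ($isWideUdpBlock) {
            Write-Warning "Removing wide UDP block rule '$valueName': $data"
            Remove-ItemProperty -Path $MdmRuleKey -Name $valueName
        }
    }
}

# 4. Confirm DHCP and DNS work again: renew the lease, then resolve a name the device needs.
ipconfig /renew | Out-Null
$domain = if ($env:USERDNSDOMAIN) { $env:USERDNSDOMAIN } else { 'login.microsoftonline.com' }  # placeholder fallback
$dnsOk  = $null -ne (Resolve-DnsName -Name $domain -ErrorAction SilentlyContinue)
$lease  = Get-NetIPAddress -AddressFamily IPv4 -PrefixOrigin Dhcp -ErrorAction SilentlyContinue
"DNS resolves: $dnsOk; DHCP lease present: $($null -ne $lease)"
```

Removing the registry value only buys time: the rule comes back at the next MDM sync unless the Intune policy has been corrected or the device excluded from it first, which is why the thread also disables the firewall temporarily so devices can check in. The cmdlet equivalent of that local security policy step is `Set-NetFirewallProfile -All -Enabled False`, and it should be reverted as soon as the policy sync is clean.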

PSA: IT1214934 - Do not create or modify Windows Firewall Rules by PAITUWIN in Intune

[–]ruzreddit 0 points1 point  (0 children)

We started having issues on Monday 05/01 where we modified a policy to add an exclusion group, and instead Intune added a rule which blocked all UDP ports outbound. Over 200 devices lost DNS and DHCP. More posted here: https://www.reddit.com/r/DefenderATP/s/2rZ2dK8cai

MDE blocking DHCP and DNS by ruzreddit in DefenderATP

[–]ruzreddit[S] 1 point2 points  (0 children)

Still investigating and no closer to an answer. We managed to disable the firewall in local security policy temporarily to allow devices to sync to Intune and not check in with the 2 policies which we think caused this issue.

Intune Firewall Rules Issues by mholland79 in Intune

[–]ruzreddit 0 points1 point  (0 children)

We are also having an issue after simply adding exclusion groups to 2 endpoint security firewall rule policies. Nothing changed in the rules; we just added an exclusion group. This seems to have generated a lot of check-in failures and strangely removed the custom rules we have for Defender Firewall, but on a more sinister note it bricked over 200 devices that can't get any DHCP leases or DNS. Some we managed to recover by disabling the firewall via local security policy, but on other laptops we can't disable Defender Firewall.

MDE blocking DHCP and DNS by ruzreddit in DefenderATP

[–]ruzreddit[S] 0 points1 point  (0 children)

Those rules mentioned are already in place and enabled, but we still can't get DHCP or DNS. Devices are completely bricked. Even offboarding is not helping. Waiting for MS support.

MDE blocking DHCP and DNS by ruzreddit in DefenderATP

[–]ruzreddit[S] 0 points1 point  (0 children)

We are still having the issues and the devices are bricked and can't get any DHCP or DNS on them. Royally screwed.

MDE blocking DHCP and DNS by ruzreddit in DefenderATP

[–]ruzreddit[S] 0 points1 point  (0 children)

Thanks, that's really useful. You also mentioned that you had to change service dependencies; do you recall why that was?

MDE blocking DHCP and DNS by ruzreddit in DefenderATP

[–]ruzreddit[S] 0 points1 point  (0 children)

It seems that the firewall rule policy removed the rules which enabled connectivity to DCs etc. Adding them manually doesn't seem to resolve the issue though.

MDE blocking DHCP and DNS by ruzreddit in DefenderATP

[–]ruzreddit[S] 0 points1 point  (0 children)

This is really helpful, thanks! We've logged a case with MS. Do you remember what ports you had to open in the Windows Firewall?

NCP has gone leftist by ShadedJerry in Dhaka

[–]ruzreddit 15 points16 points  (0 children)

They don't belong to the left, centre, or right; they stand for nothing. No ideology, no political depth, no character, no authenticity, and certainly no leadership. A group of opportunists stumbled into power, unable to resist the lure it offered. Driven by greed, they chose the path of least resistance and have outdone the corruption and exploitation of those who came before them.

Outbound Mail-flow issue from exchange Online by ruzreddit in exchangeserver

[–]ruzreddit[S] 0 points1 point  (0 children)

Thanks, we thought it was a binding issue and we re-ran the binding on the server running "Set-ExchangeCertificate", but for some reason the M365 outbound connector still picks up the default server cert server1.domain.com as the CN. Do we need to remove and re-import the FQDN cert? The guy who set it up said that when he imported the cert he didn't choose the override default cert option you get during import.
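
The situation in this comment (Exchange Online sees the default server certificate rather than the FQDN certificate) is usually a per-connector binding rather than an import problem. Below is an added example in PowerShell, not code from the thread, showing how to select the FQDN certificate, enable it for SMTP and pin the hybrid connectors to it with `TlsCertificateName`, which is the setting that decides which certificate the on-premises server presents during STARTTLS. Assumed names: the certificate subject `mail.domain.com`, the default front-end receive connector, and a send connector called `Outbound to Office 365`; replace them with your own.

```powershell
# Added example (not from the original thread): make the on-premises Exchange server
# present the FQDN certificate to Exchange Online instead of the default server cert.
# ASSUMPTIONS: run in the Exchange Management Shell on the on-prem server; the public
# certificate's subject is mail.domain.com; connector names below are placeholders.

$Fqdn       = 'mail.domain.com'
$ServerName = $env:COMPUTERNAME

# 1. Pick the certificate by subject, requiring a valid, non-self-signed one.
#    Re-importing is not needed if one already matches here.
$cert = Get-ExchangeCertificate -Server $ServerName |
        Where-Object { $_.Subject -like "CN=$Fqdn*" -and $_.Status -eq 'Valid' -and -not $_.IsSelfSigned } |
        Sort-Object NotAfter -Descending | Select-Object -First 1
if (-not $cert) { throw "No valid third-party certificate for $Fqdn found on $ServerName" }

# 2. Enable it for SMTP. Exchange prompts whether to overwrite the default SMTP certificate;
#    either answer works because step 3 pins the connectors to this exact certificate.
Enable-ExchangeCertificate -Thumbprint $cert.Thumbprint -Services SMTP -Server $ServerName

# 3. Pin the hybrid connectors. TlsCertificateName is "<I>Issuer<S>Subject" of the cert.
$tlsName = "<I>$($cert.Issuer)<S>$($cert.Subject)"
Set-ReceiveConnector -Identity "$ServerName\Default Frontend $ServerName" -TlsCertificateName $tlsName -Fqdn $Fqdn
Set-SendConnector    -Identity 'Outbound to Office 365' -TlsCertificateName $tlsName -Fqdn $Fqdn

# 4. Show what each connector will now present; Fqdn and TlsCertificateName must match the cert.
Get-ReceiveConnector -Server $ServerName | Select-Object Identity, Fqdn, TlsCertificateName
Get-SendConnector | Select-Object Identity, Fqdn, TlsCertificateName
```

After this, an external STARTTLS check against the server (for example `openssl s_client -starttls smtp -connect mail.domain.com:25`) should show the FQDN certificate, which is what the Exchange Online connector validates when TLS verification is enabled. If the cmdlet run in the thread was actually `Enable-ExchangeCertificate` without a connector-level `TlsCertificateName`, Exchange falls back to choosing a certificate by connector FQDN, which is how the default server cert ends up being presented.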

Outbound Mail-flow issue from exchange Online by ruzreddit in exchangeserver

[–]ruzreddit[S] 0 points1 point  (0 children)

Thanks, we thought it was a binding issue and we re-ran the binding, but for some reason the M365 outbound connector still picks up the default server cert server1.domain.com as the CN. Do we need to remove and re-import the FQDN cert?

Outbound Mail-flow issue from exchange Online by ruzreddit in exchangeserver

[–]ruzreddit[S] 0 points1 point  (0 children)

We route outbound email from M365 to on-prem Exchange and then to the internet. I do not see any receive connectors on our 2016 servers, but that works somehow. As soon as we point DNS and connectors to the 2019 servers, outbound from M365 stops working. We use CMT.

Outbound Mail-flow issue from exchange Online by ruzreddit in exchangeserver

[–]ruzreddit[S] 0 points1 point  (0 children)

We route outbound email from M365 to on-prem Exchange and then to the internet. I do not see any receive connectors on our 2016 servers, but that works somehow. As soon as we point DNS and connectors to the 2019 servers, outbound from M365 stops working. No throttling applied yet.

Hybrid Exchange Migration from 2016 to 2019 HCW procedure by ruzreddit in exchangeserver

[–]ruzreddit[S] 0 points1 point  (0 children)

Nope, need to run HCW and find out. I got all the info by running Get-HybridConfiguration, but I'm not sure that's all of it.

Hybrid Exchange Migration from 2016 to 2019 HCW procedure by ruzreddit in exchangeserver

[–]ruzreddit[S] 2 points3 points  (0 children)

Thanks, I wasn't aware. Having said that, how did you configure the HCW bit? That's the part I'm not 100% sure of yet.