New Application Still Blocked by Firewall even after everything is disabled


We've got a new application developed that needs to connect to an SQL server. The program works fine on Apple devices downloaded from the App store, and the emulator works well on some machines, but I'm tasked with getting the Windows App to work, and as soon as it is on the domain, it crashes the moment a login is attempted. Here are the relevant event logs, I think.

Application Log

Faulting application name: WcBc.UWP.exe, version:, time stamp: 0x5e1b7efb
Faulting module name: ntdll.dll, version: 10.0.18362.418, time stamp: 0x99ca0526
Exception code: 0xc0000005
Fault offset: 0x000000000001792d
Faulting process id: 0x5e2c
Faulting application start time: 0x01d5cd738a0fa05b
Faulting application path: C:\Program Files\WindowsApps\WcBc_6.0.3.0_x64__x092f3jx59vf4\WcBc.UWP.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: fc0e2bd5-9704-4ad2-b601-b61c8bfd53a7
Faulting package full name: WcBc_6.0.3.0_x64__x092f3jx59vf4
Faulting package-relative application ID: App

Security Log

The Windows Filtering Platform has blocked a packet.

Application Information:
               Process ID:                           24108
               Application Name:              \device\harddiskvolume3\program files\windowsapps\wcbc_6.0.3.0_x64__x092f3jx59vf4\wcbc.uwp.exe

Network Information:
               Direction:                             Outbound
               Source Address:         
               Source Port:                         58988
               Destination Address: 
               Destination Port:                 4118
               Protocol:               6

Filter Information:
               Filter Run-Time ID:              71531
               Layer Name:                         Connect
               Layer Run-Time ID:              48

I have examined the Filter Run-time ID, and determined that the rule that was blocking the traffic from Windows Firewall was the "Default Outbound Rule" which seems ridiculous because the Firewall is completely disabled for Domain profiles by group policy, because we have third-party endpoint protection (which is not yet installed on this device I'm testing.) I went ahead and looked at the default rule for outbound traffic, and it is set to allow everything.

I have been able to get the app to connect successfully, but that was only after completely disabling the Base Filtering Engine service, which is not an acceptable solution. I'm incredibly confused though, why is the firewall blocking this traffic when it's both disabled, and instructed to allow the traffic through anyways if it weren't disabled?

Edit: Here's what I believe to be the relevant information from the wfpdiag.xml file




<name>Block Outbound Default Rule</name>

<description>Block Outbound Default Rule</description>













-<filterCondition numItems="1">






















asked on Super User Jan 22, 2020 by Bradley Henderson • edited Jan 22, 2020 by Bradley Henderson

0 Answers

Nobody has answered this question yet.

User contributions licensed under CC BY-SA 3.0