Fix default NPS firewall rules for Server 2019
I understand there is an issue with Windows Server 2019/Windows 10 1809 however I was wondering if Microsoft are aware of any problems regarding the Firewall rather than the systems handling of user files.
Recently I setup a Server 2019 VM (1.5GB Dynamic RAM, 2 Allocated Cores, 36GB Drive space, 3GB NIC Team) and installed the NPS and RDS Gateway role onto it however I noticed that despite the NPS role adding the standard firewall rules for port 1813 and 1812 they do not seem to be working.
I have confirmed that with an exception allowing port 1812 through or disabling the firewall allows authentication requests to reach the NPS server however when these are removed and the default rules are left they are blocked.
I have performed an SFC scan and DISM scan/repair however no issues have been detected
I have also spun up a new Server 2019 and Server 2016 server to compare and the 2019 server has the same issue whilst the 2016 server has no problems with just the default rules and no exceptions/extra.
If anyone has any suggestions or information I would be extremely great-full as currently I'm not sure what seems to be the cause
I did also experience this bug.... Lot of time wasted for a little thing; please fix this.
Make sure to open port 1812 & 1813
Brandon Penglase commented
I just ran into this myself after spinning up 2019 on a new server, which served as one of our NPS Servers. Same as others, if I add UDP 1812/1813 as it's own rule, it works as expected. Latest media downloaded from VLSC, fully up to date.
Joel Linn commented
This is absolutely ridiculous.
You would think there is some kind of automated testing setting up a NPS server and client and do some valid/invalid authentications.
I had the same trouble, after disabling the firewall on DC, all clients where able to connect.
Don Pachniak commented
Thought you'd like to know I experienced the same issue.
I created a new rule that allowed port 1812 and NPS began working.
Disable the rule, NPS stopped responding to authentication.
Enable the rule and NPS resumed responding.
Something is definitely wrong with the default firewall rule.
In comparing it to the one I created, the only difference I see is that the default rule is tied to the NPS service.