I'm working with a hardened Windows 7 x32 machine right now that's part of a domain that has a very strict (military) GPO set assigned to it. I have an application that sends unicast traffic on one machine, and an application that receives it on the other.
Before applying the GPO set, everything works as it should. The receiving application gets the traffic and all is well. As soon as I join the receiving machine to the domain and get the policies, the traffic stops working. Here's where it gets weird.
I am logged in as domain admin on both machines, and I CAN get unicast traffic out of the receiving machine to other hosts. I have the Windows Firewall service stopped on the receiving machine, and if I run a netstat I can see the ports open. Additionally, if I wireshark the NIC, I see the traffic from my originating box getting to the receiving machine - it just doesn't make it to the application.
- Computer sends traffic to My_Receiving_Machine
- Ports are open on My_Receiving_Machine, verified in netstat
- I see the traffic I'm sending to it on the NIC in Wireshark on My_Receiving_Machine
- Windows Firewall service is stopped on My_Receiving_Machine
- Traffic does not get to application, regardless of port
The traffic I'm sending is UDP unicast, but it's the same for multicast - I see the traffic on the NIC, but it doesn't make it to the application. I am running the application itself under an administrative account as well.
It's definitely a group policy that's blocking it, because without the GPOs from the DC applied to the client everything works perfectly.
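The checks listed in the post (netstat, Wireshark, firewall service state) can be taken one step further. The script below is an added diagnostic, not the poster's code, and assumes the drop happens in the Windows Filtering Platform (WFP): WFP sits above the NDIS layer where WinPcap/Wireshark captures, so a datagram can show up in Wireshark and still never reach the socket. The port number and collection window are constructed sample values.

```powershell
# Run in an elevated PowerShell on the receiving machine (Windows 7 / PowerShell 2.0).
param(
    [int]$Port = 5000,        # constructed sample value: UDP port the application listens on
    [int]$WindowSeconds = 60  # how long to collect drop events while traffic is sent
)

# 1. Effective firewall state and policy per profile, i.e. local settings merged with GPO.
#    A profile showing "BlockInbound" (or BlockInboundAlways) is what GPO pushes, and it
#    is worth confirming even when you believe the service is off.
netsh advfirewall show allprofiles state
netsh advfirewall show allprofiles firewallpolicy

# 2. Connection security (IPsec) rules pushed by GPO can require authentication for
#    inbound traffic; unauthenticated UDP is then discarded before the socket sees it.
netsh advfirewall monitor show consec

# 3. Enable WFP packet-drop auditing so every dropped datagram is written to the Security log.
auditpol /set /subcategory:"Filtering Platform Packet Drop" /success:enable /failure:enable

Write-Host "Send UDP traffic to port $Port from the other machine now; collecting for $WindowSeconds s..."
Start-Sleep -Seconds $WindowSeconds

# 4. Read event 5152 ("The Windows Filtering Platform blocked a packet") and report which
#    filter and layer dropped traffic aimed at our port.
$since = (Get-Date).AddSeconds(-$WindowSeconds)
Get-WinEvent -FilterHashtable @{LogName='Security'; Id=5152; StartTime=$since} -ErrorAction SilentlyContinue |
    ForEach-Object {
        $x = [xml]$_.ToXml()
        $d = @{}
        $x.Event.EventData.Data | ForEach-Object { $d[$_.Name] = $_.'#text' }
        if ($d['DestPort'] -eq "$Port") {
            New-Object PSObject -Property @{
                Time     = $_.TimeCreated
                Src      = "$($d['SourceAddress']):$($d['SourcePort'])"
                Dst      = "$($d['DestAddress']):$($d['DestPort'])"
                Protocol = $d['Protocol']     # 17 = UDP
                FilterId = $d['FilterRTID']   # run-time ID of the WFP filter that dropped it
                Layer    = $d['LayerName']
            }
        }
    } | Format-Table -AutoSize

# 5. Dump all WFP filters; search the XML for the FilterId values above to find the
#    provider (firewall policy, IPsec, or a third-party callout) that installed the filter.
netsh wfp show filters file=wfp_filters.xml
Write-Host "Look up the FilterId values in wfp_filters.xml to identify the owning provider."
```

If no 5152 events appear for the port while Wireshark still shows the packets arriving, the drop is happening somewhere other than WFP and the audit result narrows the search accordingly.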
Chris... the question you need to ask yourself is... have you cleared your cache? Well, have you?
In other words I have nothing to contribute to this discussion. :P