Rule does not work after rebootw

[sshark]

I was following the advice from #4585,

New-NetFirewallRule -DisplayName "WSL" -Direction Inbound  -InterfaceAlias "vEthernet (WSL)"  -Action Allow

to set up an interface to allow my browsers to connect locally to the applications in the WSL2 via HTTP. It was working until I reboot my Windows 10 20H2 [10.0.19042.867]. Next, I have to recreate the firewall interface again and it worked until the next machine reboot. Am I missing something from the command? Thanks

[Stef-Alb]

On recent versions (tested on W10.21H1 Beta channel, and Dev channel Build 21376), it appears that

• the "vEthernet (WSL)" adapter is created only when a WSL 2 distro is started
• the "vEthernet (WSL)" adapter changes MAC address and GUID between reboots

As a result, the link between the firewall rule and the WSL adapter seems broken after a reboot :

Step1 : New-NetFirewallRule -Direction Inbound -InterfaceAlias "vEthernet (WSL)" -Action Block -DisplayName "WSL test"
Step2 : Get-NetFirewallRule -DisplayName "WSL test" | Get-NetFirewallInterfaceFilter
        InterfaceAlias : vEthernet (WSL)
Step3 : Get-NetAdapter -Name "vEthernet (WSL)" | Select-Object -ExpandProperty InterfaceGuid
        {9A52A68E-9280-448F-8A49-E24861FA5B6D}
Step4 : Reboot Windows
Step5 : Get-NetFirewallRule -DisplayName "WSL test" | Get-NetFirewallInterfaceFilter
        InterfaceAlias : 9a52a68e-9280-448f-8a49-e24861fa5b6d
Step6 : Get-NetAdapter -Name "vEthernet (WSL)" | Select-Object -ExpandProperty InterfaceGuid
        {EC5D4EEC-5719-42B6-B2FC-5E9E482E442B}

On W10.1909 it appears that the adapter is created at startup/login, and does not change MAC/GUID between reboots.

Step1 : New-NetFirewallRule -Direction Inbound -InterfaceAlias "vEthernet (WSL)" -Action Block -DisplayName "WSL test"
Step2 : Get-NetFirewallRule -DisplayName "WSL test" | Get-NetFirewallInterfaceFilter
        InterfaceAlias : vEthernet (WSL)
Step3 : Get-NetAdapter -Name "vEthernet (WSL)" | Select-Object -ExpandProperty InterfaceGuid
        {0A600CE0-B48A-436E-B7A3-AEF4EF285282}
Step4 : Reboot Windows
Step5 : Get-NetFirewallRule -DisplayName "WSL test" | Get-NetFirewallInterfaceFilter
        InterfaceAlias : vEthernet (WSL)
Step6 : Get-NetAdapter -Name "vEthernet (WSL)" | Select-Object -ExpandProperty InterfaceGuid
        {0A600CE0-B48A-436E-B7A3-AEF4EF285282}

Hope it helps

[AttilaSATAN]

I've just updated my win10 to W10.21H1. But still, the problem continues.
The WSL rule that I created can be seen in inbound rules and it's enabled but can't connect to the host PC. After reading @Stef-Alb 's explanation, I've disabled and reenabled the rule and it started to work.

[zejal]

Is there any real solution to this problem ? I mean without workarounds. It's annoying to have to enable again the firewall rules at each reboot (which seems frequent with Windows 11 but that's another story). It's rather unacceptable that an issue opened nearly 1 year ago is still opened !

[microsoft-github-policy-service]

This issue has been automatically closed since it has not had any activity for the past year. If you're still experiencing this issue please re-file this as a new issue or feature request.

Thank you!

[brumlemann]

Still a problem in W11 with WSL 2.1.5.0. I have s**tload of rules with EnforcementStatus : NotApplicable now since I have to add this rule after each reboot.