Hi,
1st post - please be gentle :-) I've searched through the forums already and whilst there are similar posts, I didn't find a real solution. Also have been on multiple chat sessions with Norton "support" but didn't really get anywhere apart from getting more frustrated! So this is a last resort before binning Norton and going elsewhere. Anyway....
I have a win 10 PC on a public network (will call this the host from now on) that I would like to allow a couple of laptops (clients) to connect to so they can access a file share as well as use the shared printer connected to the host. For reasons that I am not going to delve into, the network needs to remain Public.
1st things 1st, everything is working correctly with the NS firewall disabled so all of the Windows config is fine on both host and client side (file and printer sharing is enabled for public networks in the network settings on the host). As expected, with the NS firewall enabled, client access over the public LAN is then disabled.
I started to dig a bit into the NS firewall config. With the default traffic rules, I can get everything working again if I disable the following default firewall rules (I did this purely to see what was happening):
- Default Block Inbound NetBios
- Default Block Inbound NetBios Name
- Default Block Windows File Sharing
- Default Block Windows 2000 SMB
- Default Block All Inbound Windows Services (Public Networks)
I can also connect if I set the firewall rules back to their default and enable "File and Printer Sharing" in the "traffic blocking exceptions" in the NS firewall settings. This is fine; however, it then opens up file and printer sharing for ALL clients on the public network, which is far from ideal...
So I then thought I could make a generic set of rules that could be used along with the enabled "file and printer sharing" to:
- Block ALL clients on the public network (based on IP range)
- Re-enable just the clients that I want to connect.
(Block Rule is set to BLOCK, To and From Connections, All computers in full IP address range, Block all protocols)
However, the blocking rule does NOT stop clients connecting so it looks like the "traffic blocking exception" setting is taking priority over the traffic rules. The traffic rule is on the whole working as it kills the internet access to the PC!
The priority level description for traffic is a bit confusing: "Rules that appear higher in the list override the rules that appear lower in the list." Does this mean that a rule lower down in the list cannot modify a setting configured in a generic rule above it? That does not make sense. Anyway, I tried this rule at the top and bottom of the list and there was no difference in behaviour (didn't block client access but did kill internet access on the host).
Next option was to try going back to the default settings and just setting the client as a trusted machine. This worked fine but what has this actually done? I am concerned about the "open-ness" of this setting, assuming it has effectively allowed wide open access to this IP or MAC address...
What is the general consensus here (not looking for discussion on why I am doing this on a Public network, that is fixed)? I would prefer to do this with traffic rules but can anyone offer any help on how to do this and the relationship between the rules and the other settings!
Sorry this is really verbose, just trying to provide as much info as possible!
Thanks guys,
Al
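
The "higher rules override lower rules" wording quoted in the post describes first-match ordering, sketched below as an added example that is not part of the original post and is not Norton's engine. The subnet, client addresses, gateway and rule names are constructed, and the "traffic blocking exceptions" and trust settings are not modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# NetBIOS name/datagram/session services and SMB over TCP
SMB_PORTS = frozenset({137, 138, 139, 445})

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                         # "allow" or "block"
    network: str                        # CIDR the remote address must fall in
    ports: Optional[frozenset] = None   # None means every port and protocol

def evaluate(rules, remote_ip, port, default="block"):
    """Walk the list top to bottom and return (action, rule name) of the first match."""
    addr = ipaddress.ip_address(remote_ip)
    for rule in rules:
        in_range = addr in ipaddress.ip_network(rule.network)
        if in_range and (rule.ports is None or port in rule.ports):
            return rule.action, rule.name
    return default, "default"

# Constructed LAN: 192.168.1.0/24, gateway .1, wanted laptops .21 and .22
BLOCK_LAN = Rule("block-lan", "block", "192.168.1.0/24")
ALLOW_CLIENTS = [
    Rule("allow-laptop-1", "allow", "192.168.1.21/32", SMB_PORTS),
    Rule("allow-laptop-2", "allow", "192.168.1.22/32", SMB_PORTS),
]

block_first = [BLOCK_LAN, *ALLOW_CLIENTS]   # broad block sits above the allows
allow_first = [*ALLOW_CLIENTS, BLOCK_LAN]   # narrow allows sit above the block

if __name__ == "__main__":
    cases = [("192.168.1.21", 445), ("192.168.1.77", 445),
             ("192.168.1.21", 3389), ("192.168.1.1", 53)]
    for label, rules in (("block first", block_first), ("allow first", allow_first)):
        for ip, port in cases:
            print(f"{label:12} {ip:15} port {port:<5} -> {evaluate(rules, ip, port)}")
```

In this model an all-protocol block over the whole range also matches the gateway address, and an allow scoped to the sharing ports leaves every other port on the listed laptops blocked.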