Why doesn't Dynamic Network on Home profile allow firewall rule assigned to Home/Office?
Like most users, my laptop's wi-fi is usually connected to either a Home or Office network, but will occasionally connect to unsafe Public networks. I need to allow remote access into this laptop from desktop workstations while on my Home/Office wi-fi, but block these dangerous connections when on a Public wi-fi. But, despite the Vulnerability > Wi-Fi Security Advisor correctly assigning a Home/Office wi-fi as "Home Wi-Fi" (and Secured), the firewall rule allowing remote access will only work if I switch the entire (Wi-Fi) Network Adapter from Dynamic to Home/Office… which leaves the device critically vulnerable while mobile.
Side note: Dynamic Network Adapters in the Firewall are described as "Use this setting to automatically switch the network type based on the profile of the connected network, whether it's a Home / Office or Public network." However, the only controls I find mentioning "profiles" appear under Utility > Profiles and the only relevant "Public Wi-Fi Profile" configuration neither clarifies nor sets what conditions activate that profile automatically. Overall, settings for this crucial and very common use case appear to be scattered among Bitdefender's Firewall, Vulnerability, and Utility screens making them difficult for even an experienced network engineer to find. I'm also disappointed that Firewall Rules cannot apply rules differently for the Office vs Home networks much less additional, custom defined Network Types such as partner / client offices which aren't necessarily Public.
BACKGROUND
Bitdefender Total Security | Build 27.0.42.214
Windows 11 Pro | 23H2
STEPS TO REPRODUCE
1. Within the Firewall, set the laptop's Wi-Fi Network Adapter as "Dynamic".
1. Connect to a safe wi-fi network and assign it as "Home Wi-Fi", appearing under Wi-Fi Security Advisor.
2. Create a Firewall Rule allowing an application's (C:\Windows\System32\svchost.exe or mstsc.exe) inbound traffic (into Local Address port 3389) and set its Network Type to "Any Network".
3. From another machine on the same network, test remote access [which fails in my case].
4. Now either… edit the Firewall Rule setting its Network Type to "Home/Office" and test again [connects successfully regardless of which Wi-Fi network is connected!]
5. Or alternatively… edit the Wi-Fi Network Adapter to remain as "Home/Office" [connects regardless of safe network].
Remote access never connects and times out…
…unless the entire Wi-Fi Network Adapter is declared to be "Home/Office"
…or the firewall rule's Network Type is opened to "Any Network"
…which is not safe at remote locations.
