I discovered some more very interesting "issues" about this. (Make that read, things that can give you grey hair!)
At the risk of cross-posting (which I know can get me my fingers broken), I am going to insert the text of a comment I made on social Technet.
========= Begin inserted text ===========
This has more aspects than a cat has hair! I have discovered:
- Most, if not all, of the rules established for the "Private" profile have their remote scope set to "local subnet" instead of "all". This is really easy to miss as this setting is way off-screen to the right. (Unless you have your window set REALLY wide!)
- On the Advanced tab, there is another setting - Interfaces - that needs to be checked. You need to make sure that whatever interface you are using (or "all") is actually selected.
- The "edge traversal" setting appears to have no effect whatsoever if you are behind a hardware router.
- If you have the Windows Firewall window open, showing rules (or whatever), and you restart the Windows Firewall service, the objects within the windows become "invalid" (i.e. "Invalid Handle"), and saved settings don't get saved. And you don't always get a warning either. Note that they LOOK like they have been saved, but the REALLY HAVE NOT been saved at all. If you are wondering, close the Windows Firewall window, and then re-launch it, to see if the settings are "sticky".
I'm rapidly becoming convinced that it really IS
================ End inserted text ================
The take-aways here are these:
Check your remote scope, especially if using a "Private" profile.
Check your interfaces, especially if creating a rule by hand.
Verify that your session to the Windows Firewall service has not become invalid by restarting the session.