A little while ago, I was faced with the following error during Exchange 2010 SP1 setup at a customer:

When getting an error during setup, it’s always a good idea to look in the Exchange Setup logs, that you can find under the system root (C:\ExchangeSetupLogs)

In the ExchangeSetup log file, you’ll find more information about the error:

In this particular case, there seems to be an issue running the Install-AdTopologyService cmdlet:

The first entry shows there appears to be an issue when trying to manipulate the Windows Firewall:

at Interop.NetFw.INetFwRules.Add(NetFwRule rule)
at Microsoft.Exchange.Security.WindowsFirewall.ExchangeFirewallRule.Add()

Based on this information, I went to take a look at the Windows Firewall service and found it to be disabled:

I decided to switch it to automatic, start the firewall service and re-run setup:

The setup now went through without any errors.

In fact - trying to figure out why the service was disabled – the customer had created a GPO that disabled the windows firewall service (they didn’t use it at all).
The setup however needs to make some modification to the firewall, but doesn’t check whether the Windows Firewall service is running. Obviously, because it wasn’t running, setup couldn’t add any firewall rules which caused the error.

Re-disabling the firewall service after running the setup did not cause any issues.