Notes

User Tools

Site Tools

Trace: windowsfirewall
microsoft:windows:windowsfirewall

Table of Contents

Microsoft - Windows - Windows Firewall

Microsoft TechNet - Networking and Access Technologies > Home > Technologies and Solutions > Windows Firewall

Windows XP

Microsoft TechNet - Windows Firewall
Microsoft TechNet - Deploying Windows Firewall Settings With Group Policy

Windows Vista

Microsoft TechNet - Windows Firewall with Advanced Security and IPsec
Microsoft TechNet - How Windows Firewall with Advanced Security Works describes firewall profile selection process on Windows Vista. Related: Microsoft Technet - Network Location Awareness

Notes

Enable the “File and Printer Sharing (Echo Request - ICMPv4-In)” inboudn firewall rule for ping access if not yet enabled: 

if ((Get-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv4-In)").Enabled -eq "False") { Enable-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv4-In)" }

Set a remote IP address limitation on an existing rule: 

Get-NetFirewallRule -DisplayName "Application Server" | Get-NetFirewallAddressFilter | Set-NetFirewallAddressFilter -RemoteAddress "10.10.10.1"

Add an inbound firewall rule for port 1234 to Someservice.exe: 

New-NetFirewallRule `
-Name "Someservice" `
-DisplayName "Someservice" `
-Profile Any `
-Direction InBound `
-Action Allow `
-Protocol tcp `
-Localport 1234 `
-Program "C:\Program Files\Someservice\Someservice.exe" `
-Enabled True

Add an inbound firewall rule for TFTP to tftpd64exe: 

New-NetFirewallRule `
-Name "Tftpd" `
-DisplayName "Tftpd" `
-Profile Any `
-Direction InBound `
-Action Allow `
-Protocol udp `
-Localport 69 `
-Program "C:\Program Files\Tftpd64\tftpd64.exe" `
-Enabled True

Add an inbound firewall rule for SQL Server (tcp/1433) access from specific remote IP: 

New-NetFirewallRule `
-Name "SQL 1433" `
-DisplayName "SQL 1433" `
-Profile Any `
-Direction InBound `
-Action Allow `
-Protocol tcp `
-Localport 1433 `
-RemoteAddress 10.11.11.1 `
-Enabled True

Add an inbound firewall rule for multiple ports in one rule: 

New-NetFirewallRule `
-Name "Webserver 443,4344" `
-DisplayName "Webserver 443,4344" `
-Profile Any `
-Direction InBound `
-Action Allow `
-Protocol tcp `
-Localport 443,4344 `
-Enabled True
microsoft/windows/windowsfirewall.txt · Last modified: 2022/02/25 12:00 by bas
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki