Windows firewall rules

Hello Dear Sir/Madam
I am trying to create an inbound firewall rule to grant access ICMP4 to my server(2008 r2),although I have created this rule I can not ping my server by its IP address. but when I disable firewall I can ping It so could you please help me why windows firewall
can not recognize my new rule?
Best Reagard

Hi,
Can you ping other computers? How did you create the firewall inbound rule? In general, enabling incoming ICMP Echo messages will allow others to ping your computere. Please try to enable the File and Printer Sharing ( Echo Request- ICMPv4-In) in the inbound
firewall rules to see if the issue persists.
Best regards,
Susie

Similar Messages

[Solved] Windows Firewall rule that allows Windows Update

Can anyone kindly give me a Windows Firewall rule that allows Windows Update? Assume I'm running MMC's "Windows Firewall with Advanced Security" snap-in as Administrator. Note that a "solution" that takes down the outbound firewall is
not acceptable.
Thank You.
===== Solution =====
Suppose that, as the default, you've set the outbound firewall to block (see
To close the outbound firewall, below). In order for Windows Update to check whether an update is available and then to download the update files, you first need an outbound firewall
allow-rule that allows the Windows Update service to pass through the outbound firewall.
Prerequisite: Knowledge of the Microsoft Management Console (MMC) and its "Windows Firewall with Advanced Security" plug-in.
What you will do: You will use the "Windows Firewall with Advanced Security" MMC plug-in to create an outbound firewall rule that
allows '%SystemRoot%\System32\svchost.exe' (the generic service driver) to pass through the outbound firewall on behalf of 'wuauserv' (the name of the specific service that performs the update).
Warning: If you don't know what I'm writing about, get help.
Name: Allow Windows Update (...or any name you prefer - it doesn't matter)
Group:
Profile: Public
Enabled: Yes
Action: Allow
Program: %SystemRoot%\System32\svchost.exe
Local Address: Any
Remote Address: Any
Protocol: Any
Local Port: Any
Remote Port: Any
Allowed Computers: Any
Status: OK
Service: wuauserv
Rule Source: Local Setting
Interface Type: All interface types
Excepted Computers: None
Description:
To open the outbound firewall:
More accurate wording would be
Outbound connections are allowed unless explicitly blocked by a rule.
If you look at the standard rules you will find no block-rules. That means that nothing is blocked, everything is allowed, and the outbound firewall is wide open.
To close the outbound firewall:
More accurate wording would be
Outbound connections are blocked unless explicitly allowed by a rule.
If you look at the standard rules you will find only allow-rules that have been crafted to allow the vital Windows connections to pass through the outbound firewall. To an informed observer it's obvious that the firewall engineers crafted these
allow-rules so that users who closed the outbound firewall wouldn't have to write them. But the firewall engineers left out Windows Update.

Hi mark,
Thanks for sharing, it will help other users who have similar issue.
Regards

[Solved] Windows Firewall rule that will allow Windows Update

The problem has been solved here:
https://social.technet.microsoft.com/Forums/en-US/62b9fd5c-10b2-4266-bc15-fcf3e79d20d4/solved-windows-firewall-rule-that-allows-windows-update?forum=w7itpronetworking
Everything from here down is obsolete.

Go to Control Panel >Firewall>Advanced Settings. Then click
Action>Export policy to make a copy of your current policy in case you want to restore it. Then click
Action>Restore Default Policy.
This should allow you to use Windows Update.
See also:
https://technet.microsoft.com/en-in/library/bb693717.aspx
https://support.microsoft.com/kb/836941
S.Sengupta, Windows Entertainment and Connected Home MVP

How to setup user's rights to modify Windows Firewall Rules?

I would like to have an account in my system that doesn't have any other administrative privileges besides rights to modify the Windows Firewall rules by means of Firewall API. How to setup a minimal set of rights for this account to do the task?
Right now what I see is that if I try to call INetFwRule::put_RemoteAddresses from an account without administrative privileges, the call fails with access denied. There is no means to find out access to what is needed. The call fails even if the process
is run under high integrity level.
I tried to setup global security audit, but there were no relevant events logged.
I tried to monitor the process with procmon, there were no any access denied events logged.
I tried to give the full access for this account to the correspondent registry keys. It didn't help.
I stepped firewallapi.dll in a debugger and found out that what fails is an RPC call to some COM interface proxy. I assumed that probably it is a remote call to some HNetCfg.FwRule method. I tried to add the user account to the HNetCfg.FwRule launch and
access permission ACLs in the DCOM configuration utility. It didn't help either.
Dear Microsoft, why did you do such a simple thing as settings user rights so difficult? Can you reveal the secret what rights and privileges I have to set?
Thanks in advance.
Dei nostra Matrix est.

Here is what I found so far.
The firewall service calls RpcServerRegisterAuthInfo to setup RPC security from FwRpcAPIsRegisterAuthInfo. It happens during registration of RPC interfaces in FwRpcAPIsInterfaceCreate. FwRpcAPIsInterfaceCreate is called from FwRpcAPIsInitialize. And FwRpcAPIsInitialize
is used from FwServiceAsyncStartupRoutine.
After calling FwRpcAPIsRegisterAuthInfo function FwRpcAPIsInterfaceCreate calls ConvertStringSecurityDescriptorToSecurityDescriptor, which converts a textual description of a security descriptor to some binary form.
So my guess is that access rights are hard coded inside mpssvc.dll and what I have to do is just to find the textual representation of the correspondent descriptor.
I found 8 descriptors inside mpssvc.dll:
O:SYG:SYD:(A;;RCWD;;;BA)(A;;RCWD;;;NO)
O:SYG:SYD:(A;;RCWD;;;S-1-5-80-2940520708-3855866260-481812779-327648279-1710889582)(A;;RCWD;;;S-1-5-80-3526382388-830156861-4107432654-3665941875-1028450966)
O:SYG:SYD:(A;;RCWD;;;S-1-5-80-62724632-2456781206-3863850748-1496050881-1042387526)
O:SYG:SYD:(A;;RCWD;;;S-1-5-80-979556362-403687129-3954533659-2335141334-1547273080)
O:SYG:SYD:(A;;RC;;;BA)(A;;RC;;;NO)(A;;RCWD;;;CY)
O:SYG:SYD:(A;;RCWD;;;BA)(A;;RCWD;;;NO)(A;;RC;;;CY)
O:SYG:SYD:(A;;RCWD;;;BA)(A;;RCWD;;;NO)(A;;RC;;;AU)
O:SYG:SYD:(A;;RC;;;AU)
I don't know yet which one corresponds to changing a firewall rule.
Dei nostra Matrix est.

Windows Firewall Rules - Automatically Added by Sharepoint

Hi All,
I do have two WFE 's and 1 APP server . When i checked the inbound firewall rules of WFE1 and WFE 2 i can see
Sharepoint Search 16500,16501,.... Allowed
Sharepoint Web Services 32843,32844,... Allowed
SPUserCodeV4 32846 allowed
When i checked the APP Server , these are not added .
Can somebody let me know even though all have been created the same way only in the App Server this is not added?
For making the APP Server , i have stopped the Microsoft SharePoint Foundation Web Application service.

HI Thompson,You can see the firewall service as "windows firewall" in services.msc.You can find the firewall rules in administrative tools->windows firewall with advanced security in Win 2008 servers.You can also look in URL that exactly discussing
about your query.
You can see the firewall service as "windows firewall" in services.msc.You can find the firewall rules in search as windows firewall with advanced security in Win 2012 servers.You can also look in URL that exactly discussing about your query
http://expertsharepoint.blogspot.de/2014/05/firewall-settings-for-sharepoint-farm.html
Anil Avula[MCP,MCSE,MCSA,MCTS,MCITP,MCSM] See Me At: http://expertsharepoint.blogspot.de/

Windows Firewall and unwanted rules being auto created

When i activated the Windows Firewall after switching from Third party software i encountered something weird. The firewall created several New rules that blocked certain traffic.
Is their any circumstances where the Windows firewall will Auto create rules that Block traffic?
Is there any way to prevent this from happeneing? I want to know what happens in my firewall :)
I have disabled the prompt that asks the user to allow traffic, but still i dont feel that i have full Control of the firewalls behaviour. Could disabling this feature being the cause of Things being auto blocked?

You can try looking in Event Log: Applications and Services -> Microsoft-> Windows -> Windows Firewall -> Firewall
For list of event id's you can try looking at
https://technet.microsoft.com/en-us/library/dd364427(v=ws.10).aspx
You can use Event Viewer to create a filter for event id 2004 (A rule has been added to the Windows Firewall exception list.) or you could modify the powershell script you can find here
http://superuser.com/questions/747184/is-there-anyway-to-see-when-a-windows-firewall-rule-was-created-enabled-using-po
to also include the ModifyingApplication (or any of the values) eg
$Events = Get-WinEvent -ErrorAction SilentlyContinue -FilterHashtable @{logname="Microsoft-Windows-Windows Firewall With Advanced Security/Firewall"; id=2004}
ForEach ($Event in $Events) {
$eventXML = [xml]$Event.ToXml()
For ($i=0; $i -lt $eventXML.Event.EventData.Data.Count; $i++) {
Add-Member -InputObject $Event -MemberType NoteProperty -Force `
-Name $eventXML.Event.EventData.Data[$i].name `
-Value $eventXML.Event.EventData.Data[$i].'#text'
$Events | Format-Table -Property TimeCreated,RuleName,ModifyingApplication -AutoSize
(You may need to adjust powershell screen buffer width first)

Unknown rules in windows firewall

Hi. Recently I decided to take a look into my windows firewall rules (no reason really, other than curiousity.) I found some rules that are not clear as to what software or application they apply to.
Has anyone ever seen this before and are they something I should concerned about? It has me wondering if it is some sort of legal keylogger that is not detected by antivirus software. I have temporarily disabled the rules until I know whether they are safe
or not. See my screenshot below.
Thanks in advance for any help suggestions.

Hi DLDiamond,
Please check the rule’s property like this:
We can confirm which program this rule applies to.
If you have any feedback on our support, please click
here
Alex Zhao
TechNet Community Support

Setting port exceptions for Windows Firewall via GPO. Is there a limit on the number of exceptions that can be set?

We would like to utilize GPOs to manage our Windows Firewall rule set. We have servers that have different requirements (HL7 connections, other programs) and our doctrine is to only open ports that are going to be used.
We need to be able to audit and enforce these standards, so GPOs seem to make the most sense to me.
The problem I am running into is when I attempt to define multiple Windows Firewall Inbound Port Exceptions. (More than 10) After "Applying and Okaying" I will go to verify the firewall rule-set but I find that quite a few of them are missing. It
seems like I am limited to 8-9 port exceptions per GPO.
I am unable to locate any documentation about this, but we can work around this by creating multiple GPOs.
Has anyone run into this issue before?
Domain Function level: Windows Server 2008
Tho H. Le

> Has anyone run into this issue before?
No, unfortunately. Our main server FW exception GPO contains 44 rules
with port or program exceptions, and it works flawlessly...
Martin
Mal ein
GUTES Buch über GPOs lesen?
NO THEY ARE NOT EVIL, if you know what you are doing:
Good or bad GPOs?
And if IT bothers me - coke bottle design refreshment :))

Moving CMS from Lync 2010 to Lync 2013 - WIndows Firewall??

We currently have the Windows Firewall disabled on all 3 of our Lync 2013 FE servers. We just don't use it and it gets in the way of some other applications. I remember when I was installing Lync on these servers, I had to enable the Windows Firewall or
setup would fail. Now that Lync has been running for a while, I have the Firewall disabled again.
Now, I am moving the CMS from Lync 2010 to 2013 and I am wondering if I should again enable the Firewall? I am concerned that the commands I need to run to prepare the 2013 FE server and the Move-CsManagement-Server command itself will fail if Windows Firewall
is disabled.
Does anyone know?

Hi,
As I know, if you want to disable Windows firewall for getting in the way of some other applications you can
just turn off all three (Domain, Private, Public) profiles or disable the Windows firewall service.
If you just turn off all three (Domain, Private, Public) profiles, it means that during the install, Lync Server will add all the firewall rules to the Windows Firewall, so if after you turn on all three profiles all you need to do is turn the Windows Firewall
back on from the inside the Control Panel.
If you disable the Windows firewall service it means that the Windows Firewall snap-in won't even load. So during the install Lync Server won't be able to create the firewall rules. So after Lync installation you can enable the Windows Firewall service is
to run Step 2 from Lync Server Deployment Wizard.
More details:
http://blogs.technet.com/b/dodeitte/archive/2012/05/25/how-to-update-windows-firewall-rules-for-lync-server-2010-after-installation.aspx
So if you just turn off three (Domain, Private, Public) profiles, you should be OK to move CMS from 2010 to 2013.
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support

0x8007000e (E_OUTOFMEMORY) while adding a firewall rule using the windows firewall COM API

Hello,
Configuration: Windows Embedded 8 64-bit.
I'm using the Windows Firewall with Advanced Security COM API. The program uses the INetFwRules interface. Basically, I'm using the following code (Form the code sample available here : http://msdn.microsoft.com/en-us/library/windows/desktop/dd339604%28v=vs.85%29.aspx.)
I get the error when performing "hr = pFwRules->Add(pFwRule);".
We can also encounter the problem when removing a rule (using pFwRules->Remove(ruleName);)
HRESULT hrComInit = S_OK;
HRESULT hr = S_OK;
INetFwPolicy2 *pNetFwPolicy2 = NULL;
INetFwRules *pFwRules = NULL;
INetFwRule *pFwRule = NULL;
long CurrentProfilesBitMask = 0;
BSTR bstrRuleName = SysAllocString(L"SERVICE_RULE");
BSTR bstrRuleDescription = SysAllocString(L"Allow incoming network traffic to myservice");
BSTR bstrRuleGroup = SysAllocString(L"Sample Rule Group");
BSTR bstrRuleApplication = SysAllocString(L"%systemroot%\\system32\\myservice.exe");
BSTR bstrRuleService = SysAllocString(L"myservicename");
BSTR bstrRuleLPorts = SysAllocString(L"135");
// Initialize COM.
hrComInit = CoInitializeEx(
0,
COINIT_APARTMENTTHREADED
// Ignore RPC_E_CHANGED_MODE; this just means that COM has already been
// initialized with a different mode. Since we don't care what the mode is,
// we'll just use the existing mode.
if (hrComInit != RPC_E_CHANGED_MODE)
if (FAILED(hrComInit))
printf("CoInitializeEx failed: 0x%08lx\n", hrComInit);
goto Cleanup;
// Retrieve INetFwPolicy2
hr = WFCOMInitialize(&pNetFwPolicy2);
if (FAILED(hr))
goto Cleanup;
// Retrieve INetFwRules
hr = pNetFwPolicy2->get_Rules(&pFwRules);
if (FAILED(hr))
printf("get_Rules failed: 0x%08lx\n", hr);
goto Cleanup;
// Create a new Firewall Rule object.
hr = CoCreateInstance(
__uuidof(NetFwRule),
NULL,
CLSCTX_INPROC_SERVER,
__uuidof(INetFwRule),
(void**)&pFwRule);
if (FAILED(hr))
printf("CoCreateInstance for Firewall Rule failed: 0x%08lx\n", hr);
goto Cleanup;
// Populate the Firewall Rule object
pFwRule->put_Name(bstrRuleName);
pFwRule->put_Description(bstrRuleDescription);
pFwRule->put_ApplicationName(bstrRuleApplication);
pFwRule->put_ServiceName(bstrRuleService);
pFwRule->put_Protocol(NET_FW_IP_PROTOCOL_TCP);
pFwRule->put_LocalPorts(bstrRuleLPorts);
pFwRule->put_Grouping(bstrRuleGroup);
pFwRule->put_Profiles(CurrentProfilesBitMask);
pFwRule->put_Action(NET_FW_ACTION_ALLOW);
pFwRule->put_Enabled(VARIANT_TRUE);
// Add the Firewall Rule
hr = pFwRules->Add(pFwRule);
if (FAILED(hr))
printf("Firewall Rule Add failed: 0x%08lx\n", hr);
goto Cleanup;
This works pretty well but, sometimes, at system startup, adding a rule ends up with the error 0x8007000e (E_OUTOFMEMORY) ! At startup, the system is always loaded cause several applications starts at the same time. But nothing abnormal. This is quite a random
issue.
According MSDN documentation, this error indicates that the system "failed to allocate the necessary memory".
I'm not convinced that we ran out of memory.
Has someone experienced such an issue? How to avoid this?
Thank you in advance.
Regards, -Ruben-

Does Windows 8 desktop have the same issue? Are you building a custom WE8S image, or are you using a full WE8S image? The reason I ask is to make sure you have the modules in the image to support the operation.
Is Windows Embedded 8.1 industry an option?
www.annabooks.com / www.seanliming.com / Book Author - Pro Guide to WE8S, Pro Guide to WES 7, Pro Guide to POS for .NET

Windows Firewall issue, Inbound rule opend all, still not the same as turning off

This is Windows Firewall issue on Windows 8.1 Pro.
Backup Exec server cannot expand a computer node in selection list. I drill down to Microsoft Windows Network/Domain/Computers, then when I tried to expand a Windows 8.1 Pro computer node, it hangs out.
I narrowed this problem to Windows firewall related issue on Windows 8.1 Pro computer.
When I turn off Windows Firewall on Domain profile, Backup Exec Selection expands the computer node of the Windows 8.1 Pro computer. So, I created an inbound rule opening all to BAckup Exec server as following, but it's still not the same as turning off
Windows firewall specifically on Windows 8.1 Pro computer;
Any Local IP address, Any Remote IP address, Any port, Any protocol, All Interface, All Programs and Services, All profiles(Domain, Private, Public)
And there are no rules blocking any which may override the above rule.
Ethernet on Windows 8.1 Pro computer shows profile is linked with Domain, but just to make it work, I selected all profiles.
Even though I opened all available in inbound rule, it's still not the same as turning off windows firewall. Why am I missing?

It looks as something related to RPC(UDP 135), but even when inbound rule is all open, why it matters? RPC seems working fine only when firewall is turned off on domain profile.
Protocol 17 is UDP
Port: 135
===============================
Event ID 5152
The Windows Filtering Platform has blocked a packet.
Application Information:
Process ID:
0
Application Name:
Network Information:
Direction:
Outbound
Source Address:
192.168.1.120
Source Port:
0
Destination Address:
192.168.1.11
Destination Port:
0
Protocol:
1
Filter Information:
Filter Run-Time ID:
245836
Layer Name:
ICMP Error
Layer Run-Time ID:
32
The Windows Filtering Platform has blocked a packet.
Application Information:
Process ID:
0
Application Name:
Network Information:
Direction:
Inbound
Source Address:
192.168.1.11
Source Port:
35341
Destination Address:
192.168.1.120
Destination Port:
135
Protocol:
17
Filter Information:
Filter Run-Time ID:
245834
Layer Name:
Transport
Layer Run-Time ID:
13

How to Create Windows Firewall Predefined rules using Powershell

Windows Firewall Predefined rules using Powershell
Following commands are working some time however sometimes it's giving errors. Any help would be appreciated
WORKING ==> Set-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Enabled True
Set-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Enabled True -Direction Inbound
NOT WORKING
PS C:\Windows\system32> Set-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Enabled True -Direction Outbound
Set-NetFirewallRule : One of the port keywords is invalid.
At line:1 char:1
+ Set-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Enabled True -Dire ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (MSFT_NetFirewal...ystemName = ""):root/standardcimv2/MSFT_NetFirewallRule) [Se
t-NetFirewallRule], CimException
+ FullyQualifiedErrorId : HRESULT 0x80070057,Set-NetFirewallRule
PS C:\Windows\system32> Set-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Enabled True -Direction Outbound
Set-NetFirewallRule : One of the port keywords is invalid.
At line:1 char:1
+ Set-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Enabled True -Dire ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (MSFT_NetFirewal...ystemName = ""):root/standardcimv2/MSFT_NetFirewallRule) [Se
t-NetFirewallRule], CimException
+ FullyQualifiedErrorId : HRESULT 0x80070057,Set-NetFirewallRule
Anoop C Nair (My Blog www.AnoopCNair.com)
- Twitter @anoopmannur -
FaceBook Forum For SCCM

The command:
Get-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Direction Outbound
produces the output:
Name : FPS-NB_Session-In-TCP
DisplayName : File and Printer Sharing (NB-Session-In)
Description : Inbound rule for File and Printer Sharing to allow NetBIOS Session Service connections. [TCP 139]
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-NB_Session-Out-TCP
DisplayName : File and Printer Sharing (NB-Session-Out)
Description : Outbound rule for File and Printer Sharing to allow NetBIOS Session Service connections. [TCP 139]
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-SMB-In-TCP
DisplayName : File and Printer Sharing (SMB-In)
Description : Inbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-SMB-Out-TCP
DisplayName : File and Printer Sharing (SMB-Out)
Description : Outbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-NB_Name-In-UDP
DisplayName : File and Printer Sharing (NB-Name-In)
Description : Inbound rule for File and Printer Sharing to allow NetBIOS Name Resolution. [UDP 137]
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-NB_Name-Out-UDP
DisplayName : File and Printer Sharing (NB-Name-Out)
Description : Outbound rule for File and Printer Sharing to allow NetBIOS Name Resolution. [UDP 137]
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-NB_Datagram-In-UDP
DisplayName : File and Printer Sharing (NB-Datagram-In)
Description : Inbound rule for File and Printer Sharing to allow NetBIOS Datagram transmission and reception. [UDP 138]
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-NB_Datagram-Out-UDP
DisplayName : File and Printer Sharing (NB-Datagram-Out)
Description : Outbound rule for File and Printer Sharing to allow NetBIOS Datagram transmission and reception. [UDP 138]
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-ICMP4-ERQ-In
DisplayName : File and Printer Sharing (Echo Request - ICMPv4-In)
Description : Echo Request messages are sent as ping requests to other nodes.
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-ICMP4-ERQ-Out
DisplayName : File and Printer Sharing (Echo Request - ICMPv4-Out)
Description : Echo Request messages are sent as ping requests to other nodes.
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-ICMP6-ERQ-In
DisplayName : File and Printer Sharing (Echo Request - ICMPv6-In)
Description : Echo Request messages are sent as ping requests to other nodes.
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-ICMP6-ERQ-Out
DisplayName : File and Printer Sharing (Echo Request - ICMPv6-Out)
Description : Echo Request messages are sent as ping requests to other nodes.
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-LLMNR-In-UDP
DisplayName : File and Printer Sharing (LLMNR-UDP-In)
Description : Inbound rule for File and Printer Sharing to allow Link Local Multicast Name Resolution. [UDP 5355]
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
Name : FPS-LLMNR-Out-UDP
DisplayName : File and Printer Sharing (LLMNR-UDP-Out)
Description : Outbound rule for File and Printer Sharing to allow Link Local Multicast Name Resolution. [UDP 5355]
DisplayGroup : File and Printer Sharing
Group : @FirewallAPI.dll,-28502
Enabled : True
Profile : Any
Platform : {}
Direction : Outbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
The command:
(Get-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Direction Outbound).DisplayName
shows the display names of the 14 outbound rules in the FPS group:
File and Printer Sharing (NB-Session-In)
File and Printer Sharing (NB-Session-Out)
File and Printer Sharing (SMB-In)
File and Printer Sharing (SMB-Out)
File and Printer Sharing (NB-Name-In)
File and Printer Sharing (NB-Name-Out)
File and Printer Sharing (NB-Datagram-In)
File and Printer Sharing (NB-Datagram-Out)
File and Printer Sharing (Echo Request - ICMPv4-In)
File and Printer Sharing (Echo Request - ICMPv4-Out)
File and Printer Sharing (Echo Request - ICMPv6-In)
File and Printer Sharing (Echo Request - ICMPv6-Out)
File and Printer Sharing (LLMNR-UDP-In)
File and Printer Sharing (LLMNR-UDP-Out)
If your output is different than this, it means rules have been removed (or added) to the File and Print Sharing group.
For example, if you run the command:
New-NetFirewallRule -DisplayName "My test rule 2" -group "File and Printer Sharing" -Enabled True -Protocol tcp -LocalPort 12346 -Direction Inbound
This adds a new inbound firewall rule to the FPS group. Output looks like:
Name : {06449724-944b-4048-834f-8870b9dce4f6}
DisplayName : My test rule 2
Description :
DisplayGroup : File and Printer Sharing
Group : File and Printer Sharing
Enabled : True
Profile : Any
Platform : {}
Direction : Inbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
This test rule is of course useless because there's no listener on TCP port 12346 on this particular machine..
The new rule can also be viewed in Windows Firewall with Advanced Security:
Now if you run the command:
(Get-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Direction Inbound).DisplayName
the output will look like:
File and Printer Sharing (Spooler Service - RPC)
File and Printer Sharing (Spooler Service - RPC-EPMAP)
My test rule 2
Sam Boutros, Senior Consultant, Software Logic, KOP, PA http://superwidgets.wordpress.com (Please take a moment to Vote as Helpful and/or Mark as Answer, where applicable)

What rules do I need to include in Windows Firewall to allow Thunderbird out?

This issue applies to all mail clients I try (tried with Outlook too), but I'm asking here because Thunderbird is my preference.
I'm using Windows Firewall on Windows 8.1. I changed the default Allow Outbound traffic in Domain, Public and Private settings to Block so that my outbound traffic is restricted only to what I allow through firewall rules. I've allowed thunderbird.exe. But my mail client doesn't connect to the webmail servers and retrieve mail. Because I don't have an application to watch my firewall in real-time, I don't know if the specific disconnect is when Thunderbird tries to authenticate with the remote end or if it simply can't retrieve the mail (although my guess would be the former). But when I change the Block Outbound setting to Allow, it connects.
That tells me that I'm missing a rule, and just allowing thunderbird.exe out isn't enough. Has anyone experienced this issue before and know what other rules I would need to apply? If not, then would anyone suggest a good, free firewall analyzer that I can use to sleuth what's trying to get out?

This link shows you what files you need to 'redistribute': http://java.sun.com/webservices/docs/1.3/ReleaseNotes.html#RedistributableComponents
I am using JAXB 1.2, and the specified jars here were all I needed - although I am not making an executable, but embedding in a large J2EE enterprise application. From the error, it looks like something generated when you call marshal.
DId you successfully XJC an XSD to generate your jaxb.properties and all the related content classes?

The recommended number of IP addresses to block, which can be added to one rule Windows Firewall

Good afternoon.
Interested in the question, I need to create
a rule to deny access the server with the
specified IP address. List of large
- about 50 thousand. So
how can I add an IP rule blocking
connections from IP addresses. If they
will be in Rule 10000 does not
affect whether it is the speed of the
server and of the whole will be
any changes in your work?
The bottom line is that I have added
10,000 IP rule. Through the
API Windows Firewall, I realized that the maximum number
of IP addresses that I can add is equal
10000 (10001 already swears "array bounds are invalid").
Rule added - these IP-addresses
are blocked. The question is - Will the
fact that the rule as many IP
addresses on the server rate.
Is it possible to set this rule remotely on
multiple servers?

Hi,
I can't find any document about this limitation.
But it is not recommended to add so many rules in Windows Firewall. It will be resource intensive.
Could you use the wildcard? It can reduce the number of the rules.
Best Regards.
Steven Lee
TechNet Community Support

Firewall Rules for Printing and Scanning through Windows Firewall

Hello,
I am having trouble determining the Ports, Programs, and Services required for printing and scanning with my AIO.
I am using Windows Firewall in Windows 7, and am only allowing certain rules in and out.
I know the firewall is the problem, for when I disable it, everything works fine.
Which rules are required for printing and scanning through the firewall?

4th Bump,
Is there anyone who can help me with this?
As I said before, other printer manufacturers such as Lexmark and Brother provide this exact information.
Why doesn't hp have a document for this? Does everyone just disable their firewall or open every port?

Windows firewall rules

Similar Messages

Maybe you are looking for