3 Methods to Enable Program Exceptions in Windows Firewall
Recently I got a friend asking me how to open ports in Windows Firewall, so that he can run Windows Netmeeting in his home network. I said he doesn’t need to worry about it, since he can allow the access the first time and enable program exception in firewall, so that the traffic will be allowed next time.
The first thing for enabling the program exceptions is make sure you leave Don’t allow exceptions option blank, means don’t click it..
Here are 3 methods you can use to enable exceptions in Windows Firewall.
Enabling Exception through Windows Firewall Security Alert
You will receive Windows security alert whenever the firewall blocks a program, there are 3 ways for you to react in this situation:
Keep Blocking – Firewall will keep on blocking the program until you set exception.
Unblock – Unblock the program, and new exception will be added in firewall’s exception window.
Ask Me Later - Firewall will keep on blocking the program, but will ask you next time with this similar alert.
This method is the one I asked my friend to use. I told him to click unblock when he receives this alert for that particular program, so that he can run the program without problem.
Enabling Exception by Adding the Program Manually
If you wish to add the program exception in Windows Firewall manually, here is simple way to do it.
1) Go to Start and click Control Panel. Control Panel Window will appear, and then double click Security Center.
2) Windows Security Center window will appear, go to bottom of window and click Windows Firewall.
3) Windows Firewall window will appear, go to Exceptions tab, and click the programs you wish to allow as incoming connection and click OK at last.
Note: If the program you wish to add is not listed, then you click Add Program… to add that new program.
Enabling Exception by Identifying and Adding the Program Port Number Manually
If you fail to add the program exceptions by using above 2 methods, then you can use this method by identifying the program port number and add the exceptions.
1) After you’ve started the program which you plan to add exception, open command prompt, type tasklist. You will then see a list of running programs, then identify the program which you have just ran and remember the PID (Process ID). In this case, I use Microsoft Netmeeting (conf.exe) as example, the PID is 3616.
2) Then open the other command prompt, type netstat -ano. You will see a list of connections, proceed to identify the connection with the PID you just got and identify the port number used by that program. In this case, the port number used by Microsoft Netmeeting are TCP 1503 and TCP 1720.
3) Open Windows Firewall after identifying port number of listening program, click Exceptions tab and then click Add Port…
4) Add a Port window will appear. Key in the program name and its port number. Do specify TCP or UDP port option as well. After that, click OK to enable this program exception. You have done...
Note: Sometimes the ports identified by this method are not correct as there might be more ports involved in order to make the program works properly. For this Netmeeting case, the actual ports needed are:
- TCP ports on 522, 389, 1503, 1720 and 1731.
- UDP ports 1024-65535 (dynamic assigned ports).
So the best way is check with the program vendor on what ports will be used. I will provide a port list that used by popular applications later.
You can also check out some pros and cons of Windows Firewall if you wish..
Return to top!!