Why won't windows firewall open port?

  • Question

  • If I turn OFF windows firewall, and I telnet into my computer, the port is open.  If I turn ON Windows Firewall and open the port by creating an inbound rule and telnet in, the port is closed.  I really would like to open the one port and not all of them.  I downloaded Comodo Firewall and it allowed me to telnet into the port as well.
    • Moved by Carey FrischMVP Friday, January 6, 2012 8:53 PM Move to more appropriate forum category (From:Windows 7 Miscellaneous)
    Friday, January 6, 2012 5:33 PM

Answers

  • Final update.  After restoring the Windows Firewall to defaults, and doing some of the initial configuration (common programs, file sharing) I now have access to my pc from the other pc on the lan.  The firewall log showed nothing from the ip address I was telnetting from, and nothing about port 1234, but it is now working as I intended.  Firewall stays on, and doesn't block my access to this program.  I don't understand what is different, but considering the time invested in troubleshooting already, it doesn't appear to benefit me to figure out the why at this time.  But I wanted to thank everyone for their helpful attitudes and knowledge on the subject.
    • Marked as answer by Miya Yao Monday, January 30, 2012 8:46 AM
    Friday, January 20, 2012 11:45 PM

All replies

  • Kindly check

    Regarding the Windows Firewall as well as how it works, I would like to share the following information with you:

    http://technet.microsoft.com/en-us/library/cc748991(WS.10).aspx

    http://technet.microsoft.com/en-us/library/getting-started-wfas-firewall-profiles-ipsec(WS.10).aspx


    Mohamed Abd Elhamid Abd Elaziz Microsoft System Administrator My blog: http://Mabdelhamid.wordpress.com/
    Saturday, January 7, 2012 8:05 AM
  • If you turn on the firewall and create an exception for that port, it should work. How did you remote connect your computer? A third party software? Did you create an exception for it?

    If it still does not work, I suggest you use the network monitor to capture the network trace to see what happened.

    Regards,

    Miya

    • Edited by Miya Yao Wednesday, January 11, 2012 9:06 AM
    Wednesday, January 11, 2012 8:43 AM
  • This is what my Firewall setup looks like.  Does anything look wrong with it?  I tested again today.  Comodo Firewall lets me through when I telnet the port, Windows Firewall blocks the port for some reason unbeknownst to me.  I am using RDP to connect to a local network computer and telnetting into my own from it.
    Thursday, January 12, 2012 5:28 PM
  • Hi, hope this is your inbound rule. The rule seems OK.

    Along with what Miya suggested above, you also might want to verify that no block rule exists for this communication in the firewall. If both block and allow rules are present, then the block rule takes precedence over the allow rule. You can also start tracing to see which firewall filter is actually dropping your packets.  The following command will enable the event logging, and you can see the drop events in the security log.

    auditpol /set /subcategory:"Filtering Platform Connection" /success:enable /failure:enable

    Once you are done with your experiments, you can turn off the tracing using the command below:

    auditpol /set /subcategory:"Filtering Platform Connection" /success:disable /failure:disable

     


    -CrDev Blogs: http://blogs.msdn.com/b/satyem
    Thursday, January 12, 2012 7:10 PM
  • I have no inbound block rule for port 1234.  auditpol didn't work for me.  I saw various errors, including "A required privilege is not held by the client."  I would love to figure this out, because it seems that Windows Firewall is broken on my machine, and my machine is very important for developing applications.
    Friday, January 13, 2012 5:36 PM
  • Enable the firewall logging; however, that also requires you to have administrative rights. Check if the packet being dropped is in the firewall traces.

    Steps to enable firewall logging: http://technet.microsoft.com/en-us/library/cc947815(WS.10).aspx

    It would be good if you can share the firewall rules in your system. You can get that list by executing the following command:

    netsh advfirewall firewall show rule name=all > FirewallRules.txt

    Share FirewallRules.txt with us. It would be a large file, so either share it using skydrive or you can forward that to crdev@live.com. Prefer to share using some web share so that it's accessible to everyone interested.

     

     

     


    -CrDev Blogs: http://blogs.msdn.com/b/satyem
    Friday, January 13, 2012 9:08 PM
  • I am using Windows 7 Home Premium, so it appears I can't use Group Policies.  
    Monday, January 16, 2012 6:23 PM
  • A section at the bottom of the same page describes how to start logging on a standalone box without GP.

    In order to enable firewall logging on a Windows 7 or Windows Server 2008 R2 machine, we need to follow the steps given below.



    1. Go to Start and in RUN type wf.msc .


    2. This opens up “Windows Firewall with Advanced Security” window.


    3. Then right click on “Windows Firewall with Advanced Security on Local Computer” and go to properties.


    4. When clicked on properties a new window opens. Now Select “Customize” option under logging.


    5. The default path for the log is %windir%\system32\logfiles\firewall\pfirewall.log. If you want to change the path click Browse to select a file location.


    6. The default maximum file size for the log is 4,096 kilobytes (KB). If you want to change this, then type in the new size in KB, or use the up and down arrows to select a size. The file will not grow beyond this size; when the limit is reached, old log entries are deleted to make room for the newly created ones.

    7. No logging occurs until you set one of following two options:

    * To create a log entry when Windows Firewall drops an incoming network packet, change Log dropped packets to Yes.


    * To create a log entry when Windows Firewall allows an inbound connection, change Log successful connections to Yes.


    8. Click OK twice to complete your configuration.


    -CrDev Blogs: http://blogs.msdn.com/b/satyem
    Monday, January 16, 2012 6:28 PM
  • That was very helpful in configuring my firewall to start logging.  Thank you.  My latest finding is that after multiple telnet port tests with logging enabled, I get zero logging.  

    Is that normal?  I was hoping to log something, but instead, I log nothing.  Is there anything to be learned from this?  Thanks for trying, but I get the feeling it is a strange, unique problem that I am experiencing, that has no reasonable explanation.

    Thursday, January 19, 2012 6:46 PM
  • Did you enable the logging for all three profiles? In the property page you need to follow steps 4-8 for all three profiles (DOMAIN, PRIVATE AND PUBLIC). That could be one reason for no logging.

     


    -CrDev Blogs: http://blogs.msdn.com/b/satyem
    Thursday, January 19, 2012 7:50 PM
  • Aww poop.  I didn't.  Sorry, I will do that.  Gosh, I really need it spelled out for me on this one.  Be right back.
    Thursday, January 19, 2012 11:33 PM
  • I tested my scenario on a brand new windows 7 installation.  It allowed port traffic on 1234 without the need of a firewall rule.  I then restored my primary PC windows firewall to defaults.  It disallows my telnet every time unless I disable the firewall.  Furthermore, the firewall log has quite a lot in it now, and no reference to a port 1234, even though my firewall is blocking it.  Stumped.
    Friday, January 20, 2012 12:07 AM
  • >>I tested my scenario on a brand new windows 7 installation. It allowed port traffic on 1234 without the need of a firewall rule.

    Firewall doesn't allow inbound traffic by default. If the firewall is allowing it without any rule, then again there is some configuration problem with the firewall...

    If the firewall is dropping the packet, then it should be in the firewall logs. So does the firewall log have any dropped event from the client IP you are trying to telnet from?  Can you check in NetMon if the packets are really destined to port 1234?

    If you can share the three logs below from the server, they would help find the root cause:

    • Netmon capture
    • Firewall Log
    • Firewall Rules (you can get these by executing the command "netsh advfirewall firewall show rule name=all > FirewallRules.txt")

    These logs would be larger so you can share either via Skydrive or via email to CRDEV AT LIVE DOT COM.

     

     

     


    -CrDev Blogs: http://blogs.msdn.com/b/satyem
    Friday, January 20, 2012 3:34 AM
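
The check asked for in the reply above (does the firewall log hold a dropped packet from the client IP to port 1234?), as an added PowerShell example that is not part of the original thread. It reads the column names from the log's own #Fields header and keeps only DROP entries on the RECEIVE path; the sample log lines, the 192.168.1.x addresses and the function names are constructed for illustration.

```powershell
# Constructed sample in pfirewall.log format (not taken from the thread).
$sample = @'
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2012-01-19 18:40:02 DROP TCP 192.168.1.20 192.168.1.10 49211 1234 52 S 1234567 0 8192 - - - RECEIVE
2012-01-19 18:40:05 ALLOW TCP 192.168.1.10 192.168.1.1 49300 80 0 - 0 0 0 - - - SEND
2012-01-19 18:40:09 DROP UDP 192.168.1.33 192.168.1.255 137 137 78 - - - - - - - RECEIVE
2012-01-19 18:40:12 DROP TCP 192.168.1.44 192.168.1.10 50112 1234 52 S 7654321 0 8192 - - - RECEIVE
'@ -split '\r?\n'

function Get-FirewallLogEntry {
    param([string[]]$Line)
    $fields = $null
    foreach ($l in $Line) {
        if ($l -match '^#Fields:\s*(.+)$') {
            # Column names come from the log header, not a hard-coded list.
            $fields = $Matches[1].Trim() -split '\s+'
            continue
        }
        # Skip other header lines, blank lines, and anything before #Fields.
        if (-not $fields -or $l -match '^\s*(#|$)') { continue }
        $values = $l.Trim() -split '\s+'
        if ($values.Count -lt $fields.Count) { continue }   # truncated line
        $entry = @{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $entry[$fields[$i]] = $values[$i] }
        New-Object PSObject -Property $entry
    }
}

function Find-DroppedInbound {
    param([string[]]$Line, [int]$Port, [string]$SourceIp)
    Get-FirewallLogEntry -Line $Line | Where-Object {
        # Ports are compared as strings because ICMP rows carry "-" here.
        $_.action -eq 'DROP' -and $_.path -eq 'RECEIVE' -and
        $_.'dst-port' -eq [string]$Port -and
        (-not $SourceIp -or $_.'src-ip' -eq $SourceIp)
    }
}

# Port 1234 is the port from the thread; the client address is a placeholder.
Find-DroppedInbound -Line $sample -Port 1234 -SourceIp '192.168.1.20' |
    Select-Object date, time, protocol, 'src-ip', 'src-port', 'dst-port', path
```

On a real machine, pass the output of `Get-Content "$env:windir\system32\logfiles\firewall\pfirewall.log"` as `-Line` from an elevated prompt. Omitting `-SourceIp` lists every dropped inbound packet for the port regardless of sender.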