How to allow IP address through Firewall without specifying port(s)


  • I was wondering if there is a way to allow an IP address through my Windows server 2003R2 Firewall without using the exceptions tab.  Problem is I have a client system that runs a third party software that connects to this server.  Each time it connects it uses a different port so I am unable to specify just one or so ports in the exceptions.  What I would like to do is just allow the IP address through so I can have my firewall up and not have the computer access blocked.  Can I use netsh in the CMD line to edit the firewall settings to do this?
    Ryan Blackerby
    Friday, September 16, 2011 9:17 PM


  • If I remember correctly for Windows 2003 firewall does not provide you a way to Exempt an IPAddress. If you dont know what port would a client be connecting to you, you should make a exception based on program. So whatever program/service on server communicates with your client, you can create an exemption/exception for that program in firewall.

    And yes it can be done by from command line use 'netsh firewall add allowedprogram' context.


    Hope this helps!

    Saturday, September 17, 2011 2:13 AM