Overview
This article provides a step-by-step procedure for opening ports in the Windows Firewall using a Group Policy Object (GPO).
Process
Use the following procedure to open ports in the Windows personal firewall:
- Log on to a machine on the network with domain administrator privileges. The machine needs to be running Microsoft Windows XP SP1 or Microsoft Windows 2003.
- Download and install the .NET framework (required for the next step).
- Download and install the Microsoft Group Policy Management Console (GPMC).
- To launch GPMC, click on Start > Run and type in gpmc.msc.
- Expand the tree under the forest you will be updating.
- Expand the tree under Domains.
- Expand the domain which you will be updating.
- Right-click on Default Domain Policy and select Edit.
Do the following in the GPO editor Microsoft Management Console (MMC):
- Go to Computer Configuration > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile.
- Double-click on the entry 'Windows Firewall: Define port exceptions'.
- Select Enabled.
- Click on the Show button to bring up the port exception list dialog.
- Select the Add button.
- Specify the required port using the following syntax/convention:
<port>:<transport>:<scope>:<status>:<name>
Example: To allow connections on port 139 from the IP addresses in the local subnet, configure the rule as follows:
139:TCP:localsubnet:enabled:SMB
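Because the entry is edited in Default Domain Policy, it is worth checking each exception string before it is entered. The following is an added example, not part of the original article: a small Python checker for the <port>:<transport>:<scope>:<status>:<name> syntax that rejects malformed entries and warns on an unrestricted scope. The values accepted beyond those in the article's example (UDP, a scope of `*`, comma-separated scope lists, a status of disabled) and the IPv4-only scope handling are assumptions based on the policy setting's description.

```python
import ipaddress

def parse_port_exception(entry):
    """Parse '<port>:<transport>:<scope>:<status>:<name>' -> (fields, warnings)."""
    parts = entry.strip().split(":", 4)   # name is last, so it may contain ':'
    if len(parts) != 5:
        raise ValueError(f"expected 5 colon-separated fields: {entry!r}")
    port, transport, scope, status, name = parts
    if not (port.isascii() and port.isdigit() and 1 <= int(port) <= 65535):
        raise ValueError(f"invalid port: {port!r}")
    if transport.upper() not in ("TCP", "UDP"):
        raise ValueError(f"invalid transport: {transport!r}")
    if status.lower() not in ("enabled", "disabled"):
        raise ValueError(f"invalid status: {status!r}")
    warnings, scopes = [], []
    for item in (s.strip() for s in scope.split(",")):
        if item == "*":
            warnings.append("scope '*' admits traffic from any address")
        elif item.lower() != "localsubnet":
            try:  # single address or subnet, IPv4 only (assumption)
                ipaddress.IPv4Network(item, strict=False)
            except ValueError:
                raise ValueError(f"invalid scope element: {item!r}") from None
        scopes.append(item)
    if not name.strip():
        warnings.append("empty name makes the rule hard to audit")
    fields = {"port": int(port), "transport": transport.upper(), "scope": scopes,
              "enabled": status.lower() == "enabled", "name": name}
    return fields, warnings

def audit(entries):
    """Return {entry: warnings list, or an 'ERROR: ...' string if malformed}."""
    report = {}
    for entry in entries:
        try:
            report[entry] = parse_port_exception(entry)[1]
        except ValueError as exc:
            report[entry] = f"ERROR: {exc}"
    return report

# Constructed sample list; only the first entry appears in the article.
SAMPLE = [
    "139:TCP:localsubnet:enabled:SMB",
    "3389:TCP:*:enabled:Remote Desktop",
    "161:UDP:10.2.3.0/24,localsubnet:disabled:SNMP",
    "139:TCP:enabled:SMB",            # malformed: scope field missing
]

if __name__ == "__main__":
    for entry, result in audit(SAMPLE).items():
        print(entry, "->", result)
```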