Information Technology Reference
In-Depth Information
Port#
specifies the port number of the exception you're creating.
Use
TCP
or
UDP
to specify the transport-level protocol being used by the port exception
you're creating.
Scope
specifies the scope of the exception. You can use
*
to specify the Any Computer
setting,
LocalSubnet
to restrict the exception to your local network, or a single IP
address or range of IP addresses to define a custom list. Create multiple entries by
separating them with a comma, like this:
LocalSubnet,10.0.0.151,10.112.25.0/
255.255.255.0,10.121.79.0/24
Use
Enabled
or
Disabled
to indicate whether this port should be enabled or disabled
in the exception list.
PortName
creates a user-friendly name for the port exception; this is the name that will
appear on the Exceptions tab in the Windows Firewall Control Panel applet.
■
Note
You cannot specify a custom scope for IPv6 addresses; it only supports
*
or
LocalSubnet
.
A complete Group Policy entry might look something like this:
8080:TCP:LocalSubnet:Enabled:IntranetApps
See Also
Recipe 3-3 for more on creating program exceptions
Microsoft TechNet: “Configuring Port Exceptions” (
http://technet2.microsoft.com/
WindowsServer/en/Library/e53c01ac-1e0a-4693-af58-9242b884b5cd1033.mspx
)
3-5. Managing Exceptions
Problem
You want to edit or delete an existing program or port exception on the Windows Firewall.
Solution
Using a Graphical User Interface
1.
Open the Network Connections applet.
2.
Double-click on the Local Area Connection icon.
