If you have Windows Firewall enabled then chances are that eventually you are going to find that it will be blocking one or more ports required by your applications. Checking Windows Firewall for blocked ports will help you troubleshoot your issues.
To check if Windows Firewall is blocking a port(s) that your machine is trying to communicate, follow the steps below…
Pre-Check: What ports is the machine listening on?
First off, let’s check if your server is even listening on the specific port you think might be being blocked by Windows Firewall.
To check what ports a Windows machine is listening on, do the following:
Steps:
- Launch Command Prompt
- Run
netstat -a -n - Check the List
- If the specific port is listed, the server is listening on that port.
- If it isn’t, the port is not being used, indicating the application is either not running or not using that port.
Option 1: Checking Windows Firewall for blocked ports via Windows Firewall Logs
The first way to check what ports Windows Firewall is blocking is to use the Windows Firewall logs. To do this, follow these steps:
- Enable Dropped Packets Logging
- Go to Start >> Control Panel >> Administrative Tools >> Windows Firewall with Advanced Settings
- From the Actions pane (right-pane) click on Properties
- Select the appropriate firewall profile (Domain, Private or Public). Alternatively, enable logging on all three profiles
- Click the Customise button under the Logging section
- Change the Log Dropped Packets option to Yes
- Take note of the file path to where the logs will be stored
- Click OK to enable logging (see screenshot below)
- Navigate to the logging file path (as per file location in the Logging settings above)
- Check the log file for any blocked ports
Option 2: Checking Windows Firewall for blocked ports via the Command Line
You can also get a list of the active listening and the blocked ports by using the Windows Firewall commands through the command prompt. This is documented below:
To get a list of the Windows Firewall blocked ports and active ports run:
To get a list of the Windows Firewall configuration run:
Note: The netsh firewall set of commands have been depreciated (although they still work on Windows 2012 R2). The new set of commands are netsh advfirewall firewall.
At this stage I haven’t been able to work out how to get a list of the blocked ports using these new set of commands and hence I still use the old commands.
For more information about netsh advfirewall firewall commands, see the following post >>> (How to use netsh advfirewall firewall set of commands).
Checking if other firewalls are blocking ports
What if it isn’t Windows firewall that is blocking your port but rather another external firewall? How do we check if another firewall is blocking any ports?
The following command will show you if possibly any other firewalls are blocking any ports for your application. How it works is pretty simple, if nothing is returned it means no ports are currently being blocked. If something is returned, then possibly that is the port that might be blocked. This is a good starting point to check firewall logs on the actual firewall to see if it is being blocked or not.
Linux? Although this is a Windows article, in the event that you need to find out if firewalls are blocking any ports on your Linux machines, you can run the following command:
Contact Us
If you have any questions or need further assistance, feel free to contact our support team. Visit our Support Page for more information.
Are your websites helping you get business? Our technical support team provides custom solutions and fixes all errors in no time.
Avoid misconfigurations! Click here for a customized and error-free network to boost your business.
Worried about your broken website? Get assistance from our server specialists to fix all errors.