[Server 2008] Firewall - Opening Ports

Firewall on Virtual Servers

All Virtual Servers by default have their firewall enabled. We also have our own firewall in front of the Virtual Servers but that firewall is setup to allow most inbound traffic towards your servers. The firewall on your server such as the "Windows Firewall" is set to be much more restrictive to what it allows by default. You can then edit your own firewall to allow access for whatever ports you specify. Basically our firewall won't prevent you from opening up any needed ports.

 

Windows Server 2008 R2

 

Opening a Port on the Windows Firewall

Below are the steps to open up a port on the Windows Firewall.

  • Click on the START button click on Administrative Tools

http://myhosting.com/kb/admin/media_store/2/AA-01134/fwstart.PNG

  • Select Windows Firewall with Advanced Security

http://myhosting.com/kb/admin/media_store/2/AA-01134/fwadmin.PNG

  • Select Inbound then 'New Rule' from the actions pane

http://myhosting.com/kb/admin/media_store/2/AA-01134/fwinbnew.PNG

  • Choose a rule type, Port, Program, Predefined (GRE) or a custom rule

http://myhosting.com/kb/admin/media_store/2/AA-01134/fwpppc.PNG

  • Select which port or ports and protocol the rule applies too.

http://myhosting.com/kb/admin/media_store/2/AA-01134/fwprotport.PNG

  • Select the action in which you want to apply to the port or program you can block, allow or allow if it is secure.

http://myhosting.com/kb/admin/media_store/2/AA-01134/fwaction.PNG

  • Select the profile in which the rule applies too, our VPS's are set to the Domain profile by default which means a rule that applies only to Public or Private will not apply to your externally facing VPS network. We suggest that you select a combination of Domain and private or public or all three.

http://myhosting.com/kb/admin/media_store/2/AA-01134/fwprofile.PNG

  • Name the rule, your new rule can be called anything it is best to name it something you are able to identify easily.

http://myhosting.com/kb/admin/media_store/2/AA-01134/fwname.PNG

What do I do if a rule was already created?

If a firewall rule was already created by the system their is little you can do to change that rule through the Windows Firewall with Advanced Security console. You may want to change the profile that the rule affects if this is the case you can change the profile through a netsh command here is an example of this.

  • Open a Administrative Command Prompt
  • Type the following
  • netsh advfirewall set rule name="the exact name of the rule" profile=the current profile dir=in new profile=the new pofile
  • eg netsh advfirewall set rule name="Post-Office Protocol Version 3 (POP3)" profile=public dir=in new profile=domain

 

Was this article helpful?
0 out of 0 found this helpful