Opening Windows Firewall Ports via Command Line
I needed to open two ports on a large number of machines. Using the Windows GUI is just too time consuming. So I found out how to open the ports via command line, and then added those commands into a batch file that opened the ports, appended to the hosts file, and initiated an installer. This saved me a lot of time, and the less I deal with the XP GUI, the better.
netsh firewall add portopening type number name enable subnet
- type - TCP or UDP
- number - port number (e.g. 80)
- name - name to identify this exception in the firewall
For example, to open up port 80 on the subnet, you could run the command:
netsh firewall add portopening TCP 80 HTTP enable subnet
I’m sure this will come in handy again.
April 30th, 2007 at 8:15 am
Interesting. If you forward a port VIA router will it still be blocked by the firewall/hindered? And is it TCP or UDP?
April 30th, 2007 at 1:38 pm
You can specify TCP or UDP with the command (e.g.) TCP 80 or UDP 5000. If you were to use port forwarding with a router, for example to setup remote desktop access, you would need to forward or pinhole the port on the router as well as open the port on the windows firewall of the target machine.
October 24th, 2007 at 8:26 pm
I should check in on your site more often. I needed to know this in August and spent some time searching the web before I found it on another site… I see you posted this in the spring… It would ave saved me some time if I had been visiting your site more frequently.
November 5th, 2008 at 12:29 pm
Is it possible to open a range of ports with one command line? ie, 1024-2000?
November 6th, 2008 at 6:17 am
Dave,
It looks like the add portopening command only supports a single port per line. People have written scripts that will create all these commands for you though if you’d like to put in a range. Here is an example:
http://www.planetamd64.com/lofiversion/index.php?t18299.html