Windows 2003 NIC Firewall Settings - How to add port ranges

[Mark]

I have a question regarding the Windows 2003 firewall settings. When I click
on the Exceptions tab, I see a list of some of the services. When I click on
File and Print Sharing and select Edit, I get a list of tcp & udp ports for
this service. How can I create a new service item and add multiple ports
under that item (just like File & Print Sharing)? Right now I click Add Port,
give it a name and specify the port number. When I have to allow a port
range, or multiple ports that aren't in the same range, I create a new port
entry.

Thanks in advance for any help given.

 

[Steve Riley [MSFT]]

The firewall doesn't support adding port ranges, only single ports.

Generally, it's better to create an exception for a program or a service,
rather than define port numbers. Then, when the program creates its
listening socket(s), the firewall dynamically opens whatever ports the
program uses, and restricts incoming traffic to that process only.

--
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com



"Mark" <Mark@discussions.microsoft.com> wrote in message
news:1BBE8D9F-16C5-4CFB-9405-119F7BEECDF3@microsoft.com...
> I have a question regarding the Windows 2003 firewall settings. When I
> click
> on the Exceptions tab, I see a list of some of the services. When I click
> on
> File and Print Sharing and select Edit, I get a list of tcp & udp ports
> for
> this service. How can I create a new service item and add multiple ports
> under that item (just like File & Print Sharing)? Right now I click Add
> Port,
> give it a name and specify the port number. When I have to allow a port
> range, or multiple ports that aren't in the same range, I create a new
> port
> entry.
>
> Thanks in advance for any help given.