---
title: Open/Close ports on Windows Firewall
---


# Open/Close ports on Windows Firewall

## Introduction

Windows Firewall is an application of Microsoft Windows that filters incoming/outgoing information of your system from the Internet and blocks potentially harmful programs. Users need to add a program to the list of allowed programs to allow it to communicate through the firewall. When using a public network, Windows Firewall can also secure the system by blocking all unsolicited attempts to connect to your computer.

In this article, we will explain how to open a port in the Windows firewall for TCP access.

## Steps to open a port

**Step 1:** On the Start menu, click **Run**, type `WF.msc`, and then press Enter.

![Step 1](images/win1.png)

**Step 2:** In the Windows Firewall with Advanced Security Panel, in the left pane, right-click **Inbound Rules**, and then click **New Rule** in the action panel.

![Step 2](images/win3.png)

**Step 3:** You will get a Rule Type dialog box, select **Port**, and then click **Next**.

![Step 3](images/win4.png)

**Step 4:** On the Protocol and Ports dialog box, select **TCP**. Select **Specific local ports**, and then type the port number. Click **Next**.  
(Note: The port `3306` is shown just as an example. You need to specify the port you are opening.)

![Step 4](images/win5.png)

**Step 5:** In the Action dialog box, select **Allow the connection**, and then click **Next**.

![Step 5](images/win6.png)

**Step 6:** In the Name dialog box, type a name and description for this rule, and then click **Finish**.

![Step 6](images/win7.png)

## Create an Outbound Port Rule

To begin with, you should start the firewall extended interface. To do this, go to **Control Panel**, switch to large icons mode, and click on **Windows Defender Firewall**.

![Outbound Step 1](images/outbound-1.webp)

The firewall extended interface (which you can access by clicking on the **Advanced settings** link on the left) has many settings. Make all changes very attentively, and follow exactly what this tutorial instructs. If you set certain configurations incorrectly, it could result in issues with your computer.

![Outbound Step 2](images/outbound-2.webp)

In the left navigation pane, select **Outbound Rules**. The system will show all previously created rules – and don’t be surprised to see dozens of entries created by Windows.

![Outbound Step 3](images/outbound-3.webp)

In the right pane, click **New Rule…**.

![Outbound Step 4](images/outbound-21.png)

By default, you are prompted to create a rule for a port, so confirm your choice by clicking **Next**.

![Outbound Step 5](images/outbound-22.png)

The next step is to add the custom port and specify **TCP/UDP** which has to be blocked, then click **Next**.

Confirm your file choice by clicking **Next**.

![Outbound Step 6](images/outbound-6.webp)

At the next stage, confirm the choice **Block the connection** by clicking **Next**.

![Outbound Step 7](images/outbound-7.webp)

Your next step is to choose when the rule should apply (by default, all options are checked). They determine if the rule applies depending on whether the computer is connected to a network defined as public or private.

<!-- > **Important Note:** If you choose **Private** and uncheck **Public**, it means that the program will have access to the local network but not the Internet. -->

Let’s suppose you use a laptop at home (in a network you define as private), at work (in a domain network), and at a cafe (in a network you define as public). If you want the rule to apply at the cafe, at work, and at home, select all three options. If you want it to apply only in one of these cases, select the corresponding option.

If you have doubts, just leave all blocking options enabled by default. Confirm the choice by clicking **Next**.

![Outbound Step 8](images/outbound-23.png)

The last step is to give this rule a name. Think of a name that makes sense so you can easily find it later. At this point, you can also add a description so you can remember why you created it. Windows creates many firewall rules automatically, and all of them have quite fancy names.

To make your rule stand out, name it **Block suspicious ports**. Close the wizard by clicking **Finish**.

Now there is a new item on the outbound rules list. You can double-click on it to edit it. For example, you can specify the users for whom this rule will apply, or decide that only a certain protocol should be blocked - TCP, or others.


---