If you use role-based administration:
- You must have the Policy setting
- firewall right to configure a firewall policy.
- You cannot edit a policy if it is applied
outside your active sub-estate.
For more information, see Managing roles and sub-estates.
To create a custom
rule which allows fine control over the access allowed for an application:
Double-click the firewall policy you want to change.
On the Welcome page of the
Firewall Policy wizard, click Advanced firewall policy.
Under Configurations, click
Configure next to the location for which you
want to configure the firewall.
- Click the Applications tab.
Select the application in the list, and then click
Application Rules dialog box, click
Rule name, type a name for the rule.
The rule name must be unique within the list of rules. Two
application rules cannot have the same name, but two applications can each have
a rule with the same name.
Select the events the rule will handle, select
the conditions that the connection must match for the rule to apply.
Select the actions with which the rule will
respond, select either
Allow it or
Do one of the following:
- To allow other
connections to and from the same remote address while the initial connection
Note: This option is only available for TCP rules, which are
stateful by default.
- To intelligently allow replies from the
remote computer based on the initial connection, select Stateful
Note: This option is only available for UDP and
On Windows 8 and later, these options do not apply as Stateful
inspection is always used and Concurrent
connections are not supported.
Under Rule description, click an underlined value. For example, if you click the
Stateful TCP link, the Select
Protocol dialog box opens.