
Windows Firewall Configuration Guide

The document provides steps to configure Windows firewall for inbound and outbound rules by creating port and program exceptions. It explains how to create inbound and outbound port rules through the Group Policy Management Console. It also provides steps to add port and program exceptions on the client operating system through the Windows Firewall window.

Uploaded by

mmieduindiaanand

PRACTICAL-5

Aim: Configure Windows Firewall for inbound and outbound rules.

To create an inbound port rule

1. Open the Group Policy Management Console to Windows Defender Firewall with
Advanced Security.
2. In the navigation pane, click Inbound Rules.
3. Click Action, and then click New rule.
4. On the Rule Type page of the New Inbound Rule Wizard, click Custom, and then
click Next.

Note: Although you can create rules by selecting Program or Port, those choices limit
the number of pages presented by the wizard. If you select Custom, you see all of the
pages, and have the most flexibility in creating your rules.

5. On the Program page, click All programs, and then click Next.

Note: This type of rule is often combined with a program or service rule. If you
combine the rule types, you get a firewall rule that limits traffic to a specified port and
allows the traffic only when the specified program is running. The specified program
cannot receive network traffic on other ports, and other programs cannot receive
network traffic on the specified port. If you choose to do this, follow the steps in
the Create an Inbound Program or Service Rule procedure in addition to the steps in
this procedure to create a single rule that filters network traffic using both program and
port criteria.

6. On the Protocol and Ports page, select the protocol type that you want to allow. To
restrict the rule to a specified port number, you must select either TCP or UDP.
Because this is an incoming rule, you typically configure only the local port number.

If you select another protocol, then only packets whose protocol field in the IP header
matches this rule are permitted through the firewall.
To select a protocol by its number, select Custom from the list, and then type the
number in the Protocol number box.

When you have configured the protocols and ports, click Next.

7. On the Scope page, you can specify that the rule applies only to network traffic to or
from the IP addresses entered on this page. Configure as appropriate for your design,
and then click Next.
8. On the Action page, select Allow the connection, and then click Next.
9. On the Profile page, select the network location types to which this rule applies, and
then click Next.

Note: If this GPO is targeted at server computers running Windows Server 2008 that
never move, consider modifying the rules to apply to all network location type profiles.
This prevents an unexpected change in the applied rules if the network location type
changes due to the installation of a new network card or the disconnection of an
existing network card’s cable. A disconnected network card is automatically assigned
to the Public network location type.

10. On the Name page, type a name and description for your rule, and then click Finish.

To create an outbound port rule

1. Open the Group Policy Management Console to Windows Defender Firewall with
Advanced Security.

2. In the navigation pane, click Outbound Rules.

3. Click Action, and then click New rule.

4. On the Rule Type page of the New Outbound Rule wizard, click Custom, and then
click Next.

Note: Although you can create rules by selecting Program or Port, those choices limit
the number of pages presented by the wizard. If you select Custom, you see all of the
pages, and have the most flexibility in creating your rules.

5. On the Program page, click All programs, and then click Next.

6. On the Protocol and Ports page, select the protocol type that you want to block. To
restrict the rule to a specified port number, you must select either TCP or UDP.
Because this is an outbound rule, you typically configure only the remote port number.

If you select another protocol, then only packets whose protocol field in the IP header
matches this rule are blocked by Windows Defender Firewall. Network traffic for
protocols is allowed as long as other rules that match do not block it.

To select a protocol by its number, select Custom from the list, and then type the
number in the Protocol number box.

When you have configured the protocols and ports, click Next.

7. On the Scope page, you can specify that the rule applies only to network traffic to or
from the IP addresses entered on this page. Configure as appropriate for your design,
and then click Next.

8. On the Action page, select Block the connection, and then click Next.

9. On the Profile page, select the network location types to which this rule applies, and
then click Next.

10. On the Name page, type a name and description for your rule, and then click Finish.
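The two GPO procedures above can also be scripted with the NetSecurity cmdlets. The following is an added example, not part of the original practical; the GPO path, port numbers, subnet and rule names are constructed placeholders, and it assumes a domain-joined admin workstation with rights to edit the GPO.

```powershell
# Added example, not from the original practical. GPO path, ports and subnet are placeholders.
$ErrorActionPreference = 'Stop'               # abort before Save-NetGPO if a rule fails
$gpoPath = 'corp.example\Firewall-Baseline'   # hypothetical <domain>\<GPO name>

# Load the GPO into a local session so both rules are committed in one write.
$session = Open-NetGPO -PolicyStore $gpoPath

# Inbound procedure: Custom rule, all programs, TCP, local port only, Allow.
$inbound = @{
    GPOSession    = $session
    DisplayName   = 'Lab - allow inbound TCP 8443'
    Description   = 'Constructed example: management subnet only'
    Direction     = 'Inbound'
    Action        = 'Allow'
    Protocol      = 'TCP'
    LocalPort     = 8443              # constructed port
    RemoteAddress = '10.0.10.0/24'    # Scope page: limit who may connect
    Profile       = 'Domain'          # Profile page: network location types
}
New-NetFirewallRule @inbound | Out-Null

# Outbound procedure: Custom rule, all programs, TCP, remote port only, Block.
$outbound = @{
    GPOSession  = $session
    DisplayName = 'Lab - block outbound TCP 23'
    Description = 'Constructed example: block outbound Telnet'
    Direction   = 'Outbound'
    Action      = 'Block'
    Protocol    = 'TCP'
    RemotePort  = 23                  # constructed port
    Profile     = 'Any'               # all network location types
}
New-NetFirewallRule @outbound | Out-Null

# Write the session back to the GPO; nothing is changed in the domain until this runs.
Save-NetGPO -GPOSession $session

# Read the rules back from the GPO to confirm direction, action and ports.
Get-NetFirewallRule -PolicyStore $gpoPath -DisplayName 'Lab - *' | ForEach-Object {
    $pf = $_ | Get-NetFirewallPortFilter
    [pscustomobject]@{
        Name = $_.DisplayName; Direction = $_.Direction; Action = $_.Action
        Protocol = $pf.Protocol; LocalPort = $pf.LocalPort
        RemotePort = $pf.RemotePort; Profile = $_.Profile
    }
} | Format-Table -AutoSize
```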

To add a Windows firewall port exception:

On the client operating system, go to Start > Run and type firewall.cpl. The Windows
Firewall window opens.

Click on the “Advanced Settings” link on the left pane. The Windows Firewall with
Advanced Security window opens.

Click on the “Inbound Rules” option.

On the left pane, click on “New rule”.

Under “Rule Type”, select the option “Port” and click Next.

Select “TCP” and “specific local ports” options.

Key in the port number; the default port is TCP port 135.

Click Next.

Select the option “Allow the connection”.

Click Next. Do not change any option here, and click Next again.

Specify a name for this rule.

Click Finish.

To add a program exception:

On the client operating system, go to Start > Run and type firewall.cpl.

Click on the “Advanced Settings” link on the left pane.

The Windows Firewall with Advanced Security window opens.

Click on the “Inbound Rules” option.

On the left pane, click on “New rule”.

Under “Rule Type”, select the option “Program” and click Next.

Select the option “This Program path”.

Browse to the Veritas System Recovery service location (default location for System
Recovery: C:\Program Files\Veritas\Veritas System Recovery\Agent\Vprosvc.exe).

Select the option “Allow the connection”.

Click Next. Do not change any option here, and click Next again.

Specify a name for this rule.

Click Finish.
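Both client-side procedures leave the wizard's Profile page at its default (Domain, Private and Public all selected) and set no remote address scope. The following added example, not part of the original practical, lists enabled inbound allow rules that combine the Public profile with any remote address so they can be reviewed and narrowed; the function name is hypothetical.

```powershell
# Added example, not from the original practical. Run in an elevated PowerShell session.
# Get-BroadInboundAllowRule is a hypothetical helper name.
function Get-BroadInboundAllowRule {
    [CmdletBinding()]
    param(
        # ActiveStore = effective policy (local rules plus rules delivered by GPO).
        [string]$PolicyStore = 'ActiveStore'
    )

    Get-NetFirewallRule -PolicyStore $PolicyStore -Direction Inbound -Action Allow -Enabled True |
        ForEach-Object {
            $rule = $_
            $addr = $rule | Get-NetFirewallAddressFilter

            # 'Any' profile or an explicit Public flag means the rule is live on untrusted networks.
            $onPublic  = "$($rule.Profile)" -match 'Any|Public'
            # No Scope restriction: every remote host may connect.
            $anyRemote = @($addr.RemoteAddress) -contains 'Any'
            if (-not ($onPublic -and $anyRemote)) { return }

            $port = $rule | Get-NetFirewallPortFilter
            $app  = $rule | Get-NetFirewallApplicationFilter

            [pscustomobject]@{
                DisplayName   = $rule.DisplayName
                Source        = $rule.PolicyStoreSourceType   # Local vs. GroupPolicy
                Profile       = "$($rule.Profile)"
                Protocol      = $port.Protocol
                LocalPort     = @($port.LocalPort) -join ','
                Program       = $app.Program
                RemoteAddress = @($addr.RemoteAddress) -join ','
            }
        }
}

# Rules created by the port exception (TCP 135) and program exception steps above
# appear here if the Profile page was left unchanged.
Get-BroadInboundAllowRule | Sort-Object DisplayName | Format-Table -AutoSize -Wrap
```

A flagged rule can be narrowed in place with `Set-NetFirewallRule`, for example by passing `-Profile Domain` or `-RemoteAddress` with the subnets that actually need access.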

Conclusion:

From this practical we learned about inbound and outbound firewall rules.
