Tuesday, February 1, 2005

How to Configure the Windows XP Firewall, part 1

I suppose if I’m going to get on my soapbox about learning how to configure the Windows XP SP2 firewall, I should probably do a “how-to” guide on the subject. You know, “Put up or shut up!”, right? Here goes.

There are several ways to get to the XP firewall. If you have a preferred path, use it. Otherwise, click Start, then Control Panel, then double-click Network and Internet Connections, and click Windows Firewall. There are three tabs on the Windows Firewall Configuration window: General, Exceptions, and Advanced.

The General tab allows you to turn the firewall on or off and to allow or disallow exceptions. Think of exceptions this way: By default, the firewall doesn’t allow any incoming connections except Remote Assistance. As you work, various applications will request to be allowed access from the Internet. If you choose to allow such access, the application will be listed under the exceptions tab. There may be times, however, when you don’t want to allow such exceptions. An example might be when you’re connected to a non-trusted WiFi network at a coffee shop or in an airport. In those types of settings, you can deny pre-configured exceptions by checking the box “Don’t allow exceptions”.

Under the Exceptions tab, you’ll see all of the applications that you’ve allowed to accept incoming connections. You can remove applications from the list or manually add any applications that need to accept incoming connections. You can also allow incoming connections by TCP or UDP port numbers. For example, suppose that you want to allow Cisco devices to connect to a TFTP server on your computer for configuration backup and restore. On the Exceptions tab, click Add port… and enter TFTP for the name, specify 69 for the port number, and push the radio button for UDP. Use similar procedures for any other ports you wish to enable.

I’ll discuss the Advanced tab in my next blog entry. Want to know more about supporting Windows? Check out our accelerated Windows training, available in both public and onsite seminars and workshops.

No comments: