A Practical Guide to Windows Firewall | Configuring Inbound and Outbound Rules with Real-Time Testing
Windows Firewall is a crucial security feature that controls network traffic using Inbound and Outbound rules. This guide covers how to configure firewall rules, block or allow network traffic, and verify whether the rules are working using real-time testing methods such as ping, netstat, and telnet. You'll learn how to:
- Create Inbound Rules (e.g., block Remote Desktop on Port 3389)
- Create Outbound Rules (e.g., block internet access on Ports 80 and 443)
- Verify Firewall Rules using command-line tools
- Modify or remove rules for troubleshooting
By following this step-by-step guide, you can enhance network security and ensure that only authorized traffic flows through your system.

A firewall is a security tool that controls network traffic based on predefined rules. In Windows, Inbound and Outbound rules are used to allow or block traffic. This guide will focus on the practical implementation of firewall rules, including:
- Applying inbound and outbound rules
- Verifying whether rules are working
- Testing blocked ports with real-time examples
Step 1: Open Windows Firewall Advanced Settings
- Press Win + R, type firewall.cpl, and press Enter.
- Click Advanced Settings on the left panel.
- The Windows Defender Firewall with Advanced Security window will open.
Step 2: Creating an Inbound Rule (Block Remote Desktop Access - RDP Port 3389)
Scenario: You want to block Remote Desktop (RDP) connections from external systems.
Steps:
- In the Windows Firewall with Advanced Security, click Inbound Rules.
- Click New Rule… in the right panel.
- Select Port and click Next.
- Choose TCP and enter 3389 (RDP Port). Click Next.
- Select Block the connection and click Next.
- Check all options (Domain, Private, Public) and click Next.
- Name the rule Block RDP Access and click Finish.
How to Check If the Rule Works?
- Try connecting to the system via Remote Desktop Connection (mstsc) from another machine.
- If the rule is working, the connection will be blocked.
Step 3: Creating an Outbound Rule (Block Internet Access on Port 80 & 443)
Scenario: You want to block internet access by disabling HTTP (Port 80) and HTTPS (Port 443).
Steps:
- Click on Outbound Rules in the left panel.
- Click New Rule… in the right panel.
- Select Port and click Next.
- Choose TCP and enter 80, 443 (HTTP & HTTPS). Click Next.
- Select Block the connection and click Next.
- Check all options (Domain, Private, Public) and click Next.
- Name the rule Block Internet and click Finish.
How to Check If the Rule Works?
- Open a web browser (Chrome, Firefox) and try accessing any website (e.g., www.google.com).
- If the rule is working, the page won’t load and will show a connection error.
- You can also ping a website (ping www.google.com). If ping works but websites don’t open, HTTP/HTTPS is blocked correctly.
Step 4: Verifying Firewall Rules (Checking If They Work)
Method 1: Checking Blocked Websites
- Open Command Prompt (cmd) and type:
    ping www.google.com
- If ping replies, your outbound rule is not working (since ICMP is still allowed).
- If ping fails, the rule is correctly blocking traffic.
Method 2: Checking Blocked Ports Using Netstat
- Open Command Prompt and run:
    netstat -an | findstr :80
- If Port 80 is blocked, no connection should be active.
- If active connections appear, the rule is not working correctly.
Method 3: Using Telnet to Test Blocked Ports
- Open Command Prompt and run:
    telnet www.google.com 80
- If the connection fails, the firewall is blocking port 80 correctly.
- If it connects, the rule is not applied correctly.
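The rules from Steps 2 and 3 and the Step 4 port check can also be scripted. The following PowerShell is an added example, not part of the original guide; it uses the built-in NetSecurity cmdlets and Test-NetConnection, which opens a TCP connection to the port itself and so exercises the port rule directly. The helper name Add-BlockRule is hypothetical.

```powershell
# Added example; run in an elevated PowerShell session.
# Rule names, ports and the test host www.google.com are the guide's own.
function Add-BlockRule {
    param([string]$Name, [hashtable]$Match)
    # Skip creation if a rule with this name already exists (e.g., made in the GUI).
    if (-not (Get-NetFirewallRule -DisplayName $Name -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $Name -Protocol TCP -Action Block `
            -Profile Any @Match | Out-Null
    }
}

# Step 2: inbound block on local TCP port 3389.
Add-BlockRule -Name 'Block RDP Access' -Match @{ Direction = 'Inbound'; LocalPort = 3389 }
# Step 3: outbound block on remote TCP ports 80 and 443.
Add-BlockRule -Name 'Block Internet' -Match @{ Direction = 'Outbound'; RemotePort = 80, 443 }

# Confirm each rule is enabled and filters the intended ports.
$rules = foreach ($name in 'Block RDP Access', 'Block Internet') {
    foreach ($rule in Get-NetFirewallRule -DisplayName $name) {
        $filter = $rule | Get-NetFirewallPortFilter
        [pscustomobject]@{
            Rule       = $rule.DisplayName
            Enabled    = $rule.Enabled
            Direction  = $rule.Direction
            Action     = $rule.Action
            LocalPort  = $filter.LocalPort -join ','
            RemotePort = $filter.RemotePort -join ','
        }
    }
}
$rules | Format-Table -AutoSize

# Step 4: open a TCP connection to each blocked port. False means the connection
# did not complete; confirm the network is otherwise up before crediting the rule.
$checks = foreach ($port in 80, 443) {
    $result = Test-NetConnection -ComputerName 'www.google.com' -Port $port `
        -WarningAction SilentlyContinue
    [pscustomobject]@{ Port = $port; TcpConnected = $result.TcpTestSucceeded }
}
$checks | Format-Table -AutoSize

# The inbound rule has to be tested from another machine, as in Step 2:
#   Test-NetConnection -ComputerName <this-host> -Port 3389
```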
How to Remove or Modify Firewall Rules
If you need to edit or delete a firewall rule:
- Open Windows Firewall with Advanced Security.
- Click Inbound Rules or Outbound Rules (depending on the rule type).
- Find your rule (e.g., Block Internet), right-click, and choose:
  - Disable Rule (temporarily turn off)
  - Delete Rule (permanently remove)
  - Properties (modify settings)
Conclusion
Windows Firewall is a powerful tool to control network traffic. By creating inbound and outbound rules, you can restrict access to critical services, block specific ports, and enhance security. Always verify firewall rules using ping, netstat, and telnet to ensure they are working as expected.
By following this practical guide, you can effectively apply and test firewall rules in real-world scenarios.
Frequently Asked Questions (FAQs)
What is Windows Firewall?
Windows Firewall is a built-in security tool in Windows that controls incoming and outgoing network traffic based on predefined security rules.
What is the difference between inbound and outbound rules?
- Inbound rules control traffic entering the system.
- Outbound rules control traffic leaving the system.
How do I open Windows Firewall settings?
Press Win + R, type firewall.cpl, and press Enter. Click Advanced Settings to access rule configurations.
How do I create an inbound rule in Windows Firewall?
Go to Windows Firewall with Advanced Security → Click Inbound Rules → Click New Rule → Select Port or Program → Define conditions → Apply rule.
How do I create an outbound rule in Windows Firewall?
Go to Windows Firewall with Advanced Security → Click Outbound Rules → Click New Rule → Select Port or Program → Define conditions → Apply rule.
How can I block internet access using Windows Firewall?
Create an Outbound Rule for ports 80 (HTTP) and 443 (HTTPS) and set it to Block the connection.
How do I check if a firewall rule is working?
Use command-line tools like:
- ping – Check connectivity
- netstat -an | findstr :80 – Verify active connections
- telnet – Check if a port is blocked (e.g., port 80)
Why is my firewall rule not working?
Possible reasons include:
- The rule is misconfigured (wrong port or application).
- Another rule overrides it.
- The firewall is disabled.
How can I allow a blocked program through Windows Firewall?
Go to Windows Firewall with Advanced Security → Click Inbound Rules or Outbound Rules → Find the blocked program → Edit or remove the rule.
How do I block Remote Desktop (RDP) using Windows Firewall?
Create an Inbound Rule to block Port 3389 (RDP).
How can I test if Port 80 is blocked?
Run:
telnet www.google.com 80
If it fails, Port 80 is blocked.
What happens if I block Port 443?
Port 443 is used for secure HTTPS connections. Blocking it prevents secure browsing.
How do I disable a firewall rule temporarily?
Go to Windows Firewall with Advanced Security, right-click the rule, and select Disable Rule.
Can I block a specific website using Windows Firewall?
Windows Firewall blocks ports, not websites. To block websites, use the Windows hosts file or DNS filtering.
How do I reset all Windows Firewall rules?
Run the following command in Command Prompt (Admin):
netsh advfirewall reset
This resets all rules to default.
Does blocking outbound traffic affect all applications?
Yes, unless you specify which applications or ports are affected.
How can I check which ports are open?
Run:
netstat -an
This lists all open and listening ports.
How can I allow a specific IP through Windows Firewall?
Create an Inbound Rule → Choose Custom → Under Scope, specify the allowed IP.
How do I monitor blocked traffic in Windows Firewall?
Enable firewall logging:
- Open Windows Firewall with Advanced Security.
- Go to Monitoring → Firewall Logging.
Can I block FTP traffic using Windows Firewall?
Yes, block Port 21 (FTP) using an Outbound Rule.
How do I prevent apps from bypassing Windows Firewall?
Ensure users don’t have admin rights and use Group Policy to enforce firewall settings.
Can I block all internet access except for specific sites?
Yes, but it requires whitelisting specific IPs or using proxy settings.
Why can I still access Google after blocking Port 80 and 443?
If Google services still work, check if another application (like a VPN) is bypassing the firewall.
How can I block torrents using Windows Firewall?
Block common torrent ports (6881-6889, 6969, etc.) using Outbound Rules.
Does blocking ICMP affect normal browsing?
No, blocking ICMP only prevents ping responses.
How can I export and import firewall rules?
Use these commands in Command Prompt (Admin):
- Export:
    netsh advfirewall export "C:\firewall-rules.wfw"
- Import:
    netsh advfirewall import "C:\firewall-rules.wfw"
How do I permanently disable Windows Firewall?
Run:
netsh advfirewall set allprofiles state off
(⚠️ Not recommended for security reasons.)
How can I log all blocked connections?
Enable logging in Advanced Security → Monitoring → Firewall Logging and check pfirewall.log.
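Once dropped-packet logging is enabled, pfirewall.log can be summarized to show which rules are actually dropping traffic. The following PowerShell is an added example, not part of the original guide; the log lines are constructed sample data and the function name Get-FirewallDrop is hypothetical.

```powershell
# Added example. To enable logging of dropped packets (elevated session):
#   Set-NetFirewallProfile -All -LogBlocked True
# The log path is shown by: Get-NetFirewallProfile | Select-Object Name, LogFileName

# Constructed sample in the pfirewall.log layout; addresses are documentation ranges.
$sample = @'
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2024-05-01 09:14:02 DROP TCP 192.0.2.20 203.0.113.10 50211 443 0 - 0 0 0 - - - SEND
2024-05-01 09:14:03 DROP TCP 192.0.2.20 203.0.113.10 50212 80 0 - 0 0 0 - - - SEND
2024-05-01 09:14:09 DROP TCP 192.0.2.20 203.0.113.44 50215 443 0 - 0 0 0 - - - SEND
2024-05-01 09:15:40 DROP TCP 198.51.100.7 192.0.2.20 61022 3389 52 S 0 0 64240 - - - RECEIVE
2024-05-01 09:16:11 ALLOW UDP 192.0.2.20 192.0.2.1 55000 53 0 - - - - - - - SEND
'@

function Get-FirewallDrop {
    param([string[]]$Lines)
    $fields = @()
    foreach ($line in $Lines) {
        # The #Fields header names the columns; use it rather than fixed positions.
        if ($line -like '#Fields:*') {
            $fields = ($line -replace '^#Fields:\s*', '') -split '\s+'
            continue
        }
        # Skip other header lines, blank lines, and data seen before any header.
        if ($line -match '^\s*(#|$)' -or -not $fields) { continue }
        $values = $line.Trim() -split '\s+'
        $row = [ordered]@{}
        for ($i = 0; $i -lt $fields.Count -and $i -lt $values.Count; $i++) {
            $row[$fields[$i]] = $values[$i]
        }
        if ($row['action'] -eq 'DROP') { [pscustomobject]$row }
    }
}

# Count drops by direction (path) and destination port.
Get-FirewallDrop -Lines ($sample -split "`r?`n") |
    Group-Object 'path', 'dst-port' |
    Sort-Object Count -Descending |
    Format-Table Count, Name -AutoSize
# For a real log: Get-FirewallDrop -Lines (Get-Content <path-to-pfirewall.log>)
```

With the sample above, SEND drops on ports 443 and 80 correspond to the Block Internet rule and the RECEIVE drop on 3389 to the Block RDP Access rule.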
What happens if I disable Windows Firewall?
Your system becomes vulnerable to unauthorized network access and cyber threats.
Can I use Windows Firewall along with an antivirus firewall?
Yes, but avoid conflicts by ensuring rules don’t overlap.
How do I allow only VPN traffic through Windows Firewall?
Create an Outbound Rule to allow only your VPN’s IP range and block all other traffic.