Thursday, August 16, 2012

Windows 2003 - Enable OS firewall to allow exceptions by IP(s) and IP range(s).

There is no elegant way to do this on Windows 2003 Server.

The following will add TCP ports 5500 to 5700 one at a time - run at the command line.

"FOR /L %I IN (5500,1,5700) DO netsh firewall add portopening TCP %I "Passive FTP"%I"

The inelegant way is to add port range, you can use the GUI to add that range to a defined port then export that registry entry and make changes to that .reg file and import it back.

Will update details at later time.