netsh advfirewall firewall

Dec 14, 2010 at 9:46 AM

The firewall must also be configured to allow inbound connections on the listening port. For the Windows Firewall, this can also be configured via the built-in "netsh" command, for example:
netsh advfirewall firewall add rule name="TFS Deployer Notification" dir=in action=allow protocol=TCP localport=8881 remoteip=localsubnet profile=domain

I am using Windows Server 2003 R2, i get the followinge error message when i execute the above.

C:\>netsh advfirewall firewall add rule name="TFS Deployer Notification" dir=inaction=allow protocol=TCP localport=8881 remoteip=localsubnet profile=domain The following command was not found: advfirewall firewall add rule "name=TFS Deployer Notification" dir=in action=allow protocol=TCP localport=8881 remoteip=localsubnet profile=domain.

Has any one come across the same?

Coordinator
Dec 14, 2010 at 9:26 PM

The command line firewall configuration is specific to Server 2008, Vista, and later. Old versions of Windows may require a different command line or manual changes via the user interface. The important part is to allow inbound traffic on whichever TCP port has been chosen in the BaseAddress configuration setting of the TFSDeployer.exe.config file.

Regards,

Jason

Dec 15, 2010 at 10:38 AM

Thanks for your reply. Adding this to the knowledge base just in case sum one else needs it,

The equallent command for Windows 2003 R2 is

netsh firewall add portopening TCP 8881 “TFS Deployer Notification” profile=Domain remoteip=localsubnet

NOTE - Make sure that the firewall service is enabled before you execute this command other wise you might get the message Service not found. You can use the following command to enable the firewall service

C:\>netsh firewall set opmode enable