SEARCH

How-To Geek

Create a Shortcut Icon or Hotkey to Turn Windows 7 / Vista Firewall On or Off

When you are troubleshooting network problems, one of the first things to do is disable the built-in Windows Firewall… but there are just way too many steps required to the firewall on and off. Can’t we make a simple shortcut icon instead?

Naturally we can, using the built-in netsh utility that is usually used on the command line to perform advanced networking functions. We’ll simply create a shortcut to it with the appropriate parameters.

Note: Always remember to turn the Firewall back on after you are done troubleshooting, especially if you use public wireless networks.

Create Shortcut Icons for Enable/Disable

Right-click on the desktop or elsewhere, and choose New \ Shortcut from the menu.

image

Then in the shortcut location box, you’ll add one of two commands listed below.

image

Disable Firewall

netsh firewall set opmode disable

Enable Firewall

netsh firewall set opmode enable

Once you’ve added the correct command, go to the next screen and give the shortcut a helpful name like “Disable Firewall”

image

At this point you should have a shortcut icon, but it won’t work yet without choosing to run as administrator.

image

Right-click the shortcut and choose Properties, and then choose the shortcut tab.

image

In this screen you can assign a shortcut key for this shortcut by adding it into the Shortcut key box. The most important step is to click the Advanced button, so we can choose “Run as administrator” to always run the shortcut in administrator mode.

image

You can also change the icon by using the Change Icon button. If you want the shortcuts to really match, you can change the “Look for icons in this file” to the following:

%SystemRoot%\system32\imageres.dll

In that file you can find the red shield icon as well as the green one…

image

So now I have two shortcuts that not only look good, but are functional.

image 

If you want to verify that the shortcuts are working, use one of them and then open Windows Firewall through the start menu, and click on the link for “Turn Windows Firewall on or off”

image

Then you should be able to see that the firewall is either on or off.

image

The same shortcuts should also work on Windows XP or Windows 7, even though the screenshots are all for Windows Vista. You don’t need to run as administrator in XP, of course.

Note: Using these shortcuts will very briefly flash the command prompt window on the screen. For extra credit, you could use the hstart utility in your shortcut to hide the command prompt window.

Update: This has been successfully tested on Windows 7 as well.

Lowell Heddings, better known online as the How-To Geek, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on if you'd like.

  • Published 06/5/08

Comments (19)

  1. Shane Conder

    Nice tip; thanks. I added mine to my quick launch bar so they wouldn’t take up desktop space. Using the real icons as a nice, finished look to it.

  2. Christopher

    Personally, since I have a other firewall software installed (Norton Internet Security), I just go to the Services panel in mmc.exe and TOTALLY turn off Windows Firewall. Stop the service, set the Windows Firewall service to manual, and go!

    Amazingly, that sped up my Windows Vista computer quite a bit for some reason, while still keeping me reasonably protected.

  3. Higham

    To turn off Windows Firewall service (if you have a program that contains a built-in firewall): -

    1. Click Start, type SERVICES.MSC and press [Enter].
    2. Scroll down and then double-click “Windows Firewall”.
    3. Set ‘Startup type’ to Disabled, click Apply, click Stop and then click OK.

    Now in Windows Firewall, it will say “The Windows Firewall service is not running”.

  4. 1fastbullet

    Using XP Pro and XP Home, I have always been under the impression that the Windows firewall was less than effective. Consequently, I chose to install Comodo and disable the Windows firewall. Have I been under a mistaken impression?
    Is the firewall in Vista any better than, or is it the same as the XP firewall?

  5. The Geek

    @1fastbullet

    The Windows Firewall is excellent, especially for easily blocking traffic coming inbound.

    I imagine that some of the other firewalls might do a better job of alerting you when applications try to connect outbound… but really, I’ve never needed to use anything other than the default one.

  6. Christopher

    Yeah, The Geek has the main reason for using another firewall software correct: Windows Firewall does NOT do well with rejecting outbound connections after something that you do not want manages to get on your computer.
    That is the main reason why people upgrade to NIS2008, McAfee’s product, or something similar that manages outbound connections in real-time.

  7. The Geek

    @Christopher

    Personally I just try and avoid getting spyware on the computer in the first place =)

  8. Chris James

    Nice article but why would you ever want to disable your firewall anyway?

  9. Shane Conder

    @Chris James: If you’re at home or in another safe environment, it’s often much easier to play with services with the firewall off than with it on. That’s assuming, of course, your network is firewalled.

    I recently had to turn mine off for TVersity to work, even though I allowed connections on the ports it was using.

    I also agree with “The Geek” about getting malware… just don’t get it. Vista helps a _ton_ with that, too, with it’s best of breed “nuisance” security — that has a side effect of actually working.

  10. ToyangQ

    nice article.. thanks

  11. Ajay@Readerszone.com

    real good one.

  12. marco

    %SystemRoot%\system32\imageres.dll

    where is the imageres.dll file in WinXP??

    Thank You.

  13. jd2066

    @marco: imageres.dll doesn’t exist in Windows XP. You can find similar icons on Windows XP in %SystemRoot%\system32\xpsp2res.dll

  14. marco

    @jd2066
    thank’s…

  15. sam gueydan

    I made the firewall icons and they work, very cool…

    now– anyway to remind the user that the firewall is down? i was th8inking like changing the background or placing a icon on the desktop with “shield are down”

    and change it back when you run the shilds up shortcut….

    ok, so im being picky— sue me..(BG)

    anyway, thants for the tip….

  16. daveuk

    One comment – you shouldn’t use “netsh firewall” as it’s the old (XP) netsh firewall context. The new one in Windows Vista is “netsh advfirewall”. The difference being that the “netsh advfirewall” context understands the Vista network profiles (Domain, Private, Public) whereas the old netsh firewall context does not understand the Public profile. If you want to ensure that you are turning the Firewall off for ALL network profiles then you should use “netsh advfirewall set allprofiles state off”.

    Also, one of the comments above mentioned disabling the Windows Firewall service. This is a bad idea. You shouldn’t need to disable the service (turning Windows Firewall off using the netsh advfirewall context is enough). By disabling the service you are losing more than just Firewall (IPsec policy is also managed by the Firewall service) and you will lose other protections that are in place while your PC is booting (yes, you need the firewall to protect your machine from unsolicited network traffic while it’s booting).

  17. Annoyed

    Any idea of how to turn it off with out having permissions for it?
    I’m on a highly limited work computer, limited in the since that I am blocked from most things even though the computer is actually meant for our entritaiment -_-
    Frankly I won’t care if this pile of junk would get a billion worms and viruses on it, I just want my mIRC to connect but it’s blocked -_-…

    I have (finally) access tot he command line, wich might help, but no idea how to use it for this…
    I was thinking about manual editing of the registry that has it stored wether or not the firewall is on, if one exists.

    I will be very happy for any ideas you might be able to give me here or on e-mail ;)

  18. calebstein

    My computer (Windows 7 Ultimate x64) blue-screened when I was changing the icon for the disable firewall shortcut.

  19. RoninV

    This was a great How-To, but there seems to be an issue.

    ‘Block all incoming connections’ is not selected when these shortcuts are used. In fact, if a user goes the ‘way too many steps required to the firewall on and off’ route and elects to block all incoming connections, and then uses the Disable shortcut to disable the firewall, the Enable shortcut does not switch on the ‘block all incoming connections’ option back on. Any advice?

Get Free Articles in Your Inbox!

Join 134,000 newsletter readers

Email:

Go check your email!