The Windows Firewall acts like a fence between your computer and the rest of the Internet world, keeping unwanted network traffic from coming in, and keeping apps on your computer from communicating with the outside world. But every fence needs a gate, and that’s where exceptions come in.
When you allow an app to communicate through the firewall, it’s called adding an “exception”. For the most part, this all happens automatically. Windows creates exceptions for its own system services and apps, and when you install a new app that wants to communicate with the outside world, Windows will ask you if it’s allowed to do so.
Sometimes, though, you might want to create an exception manually to allow an app to communicate with the Internet. Perhaps it’s a app you originally said no to when Windows asked, but now you’ve changed your mind. Or maybe it’s an app that just didn’t get configured automatically for some reason. In those cases, you’ll need to head into Windows’ firewall settings.
How to Add an Exception Manually
Start the Windows Firewall settings by clicking Start and searching for Firewall. Click the Windows Firewall app and not Windows Firewall with Advanced Security. We’ll talk about that one a bit later.
The Windows Firewall screen shows you how the firewall is configured for both private networks (such as your home or work) and public networks (the ones you connect to on your laptop out in the world). On the list of settings to the left, click “Allow an app or feature through Windows Firewall”.
The next view shows you a list of all the apps that are already allowed to communicate, and over what kinds of networks (private or public). If it’s the first time you’ve opened Windows Firewall, click the Change Settings button to give yourself permissions to make changes or add new apps. You’ll only need to do this once. To add a new app to the list, click “Allow another app”.
In the Add an app window, browse for the app you want to allow network access to. Click the Network types button to specify whether you want to allow the app access on public or private networks (or both). Click Add when you’re done and that’s it. You’ve allowed the app through your firewall–you’ll see it show up on the list of allowed apps, and it should be allowed to use internet or network-related features.
How to Configure Advanced Firewall Rules
Windows actually provides you with two different interfaces for working with the firewall. The basic Settings interface we just looked at is by far the simplest way just to allow an app to communicate. Another tool, Windows Firewall with Advanced Security, has a lot more options. You can use it do things like:
- Create rules governing inbound and outbound traffic for not just apps, but also network traffic coming in over a specific port. A good use of this might be directing incoming traffic that uses a particular port number to a selected app.
- Direct network traffic to particular computers on your local network based on the app or port numbers.
- Create connection security rules that force other computers attempting to communicate with yours to use different types of authentication protocols to establish their identity.
- Monitor the use of rules and other security associations.
It’s unlikely that you’ll ever need any of the features offered by Windows Firewall with Advanced Security except in special circumstances. Perhaps you use one of your computers to share your Internet connection and serve as the main firewall for your network. Still, it’s helpful to know the options are there if you need them, even it’s only for knowing why two different Windows Firewall apps appear when you search for them.
Also keep in mind that most homes and businesses have a dedicated hardware firewall built into their router, making it even less likely you’ll need these types of features on your Windows computer. If you do need to set up rules for directing traffic, you’ll probably do it on the router itself.