Windows 7 / Networking

How to Troubleshoot Firewall Problems

Many attacks are initiated across network connections. To reduce the impact of those attacks, Windows Firewall by default blocks unrequested, unapproved incoming traffic and unapproved outgoing traffic. Although Windows Firewall will not typically cause application problems, it has the potential to block legitimate traffic if not properly configured. When troubleshooting application connectivity issues, you will often need to examine and possibly modify the client's or server's Windows Firewall configuration.

Misconfiguring Windows Firewall can cause several different types of connectivity problems. On a computer running Windows 7 that is acting as the client, Windows Firewall might block outgoing communications for the application (though blocking outgoing communications is not enabled by default). On a computer running Windows 7 that is acting as the server (for example, a computer that is sharing a folder), Windows Firewall misconfiguration might cause any of the following problems:

  • Windows Firewall blocks all incoming traffic for the application.
  • Windows Firewall allows incoming traffic for the LAN but blocks incoming traffic for other networks.
  • Windows Firewall allows incoming traffic when connected to a domain network but blocks incoming traffic when connected to a public or private network.

The symptoms of client- or server-side firewall misconfiguration are the same: application communication fails. To make troubleshooting more complex, network firewalls can cause the same symptoms. Answer the following questions to help identify the source of the problem:

  1. Can you connect to the server from other clients on the same network? If the answer is yes, you have a server-side firewall configuration problem that is probably related to the configured scope of a firewall exception. If adjusting the scope of the firewall exception does not solve the problem, it is probably caused by a network firewall, and you should contact your network administrators for further assistance.
  2. Can you connect to the server when the client is connected to one type of network location (such as a home network or a domain network), but not when it is connected to a different type of network location? If the answer is yes, you have a client-side firewall configuration problem that is probably caused by having an exception configured for only one network location type.
  3. Can other clients on the same network connect to the server using the same application? If the answer is yes, you have a client-side firewall configuration problem that is probably caused by having a rule that blocks outgoing traffic for the application.
  4. Can the client connect to other servers using the same application? If the answer is yes, you have a server-side firewall configuration problem, and the server needs a firewall exception added. If adding an exception does not solve the problem, it is probably caused by a network firewall, and you should contact your network administrators for further assistance.
[Previous] [Contents]

In this tutorial:

  1. Troubleshooting Network Issues
  2. Tools for Troubleshooting
  3. Table-1 Network Troubleshooting Tools
  4. Arp
  5. How to Identify a Problem with the ARP Cacher
  6. How to Clear the ARP Cache
  7. Event Viewer
  8. IPConfig
  9. Nblookup
  10. Nbtstat
  11. Net
  12. How to View Shared Folders on the Local Computer
  13. How to View Shared Folders on Another Computer
  14. Netstat
  15. Network Monitor
  16. Nslookup
  17. Verifying that the Default DNS Server Resolves Correctly
  18. Verifying that a Specific DNS Server Resolves Correctly
  19. Verifying Specific Types of Addresses
  20. Using TCP for DNS Lookups
  21. PathPing
  22. PathPing Output
  23. Routing Loops
  24. Performance Problems
  25. Possible Connectivity Issues
  26. No Connectivity Issues
  27. Performance Monitor
  28. Data Collector Sets
  29. Windows Resource Monitor
  30. Ping
  31. PortQry
  32. Identifying the TCP Port for a Service
  33. Windows 7 Testing Service Connectivity
  34. Determining Available Remote Management Protocols
  35. Why PortQry Is Great
  36. Route
  37. Task Manager
  38. TCPView
  39. Telnet Client
  40. Testing Service Connectivity
  41. Test TCP
  42. Windows Network Diagnostics
  43. The Process of Troubleshooting Network Problems
  44. How to Troubleshoot Network Connectivity Problems
  45. How to Troubleshoot Application Connectivity Problems
  46. Default Port Assignments for Common Services and Tasks
  47. How to Troubleshoot Name Resolution Problems
  48. How to Verify Connectivity to a DNS Server
  49. How to Use the Hosts File
  50. How to Troubleshoot Performance Problems and Intermittent Connectivity Issues
  51. How to Troubleshoot Joining or Logging on to a Domain
  52. How to Verify Requirements for Joining a Domain
  53. How to Troubleshoot Network Discovery
  54. How to Troubleshoot File and Printer Sharing
  55. How to Troubleshoot File and Printer Sharing from the Client
  56. How to Troubleshoot File and Printer Sharing from the Server
  57. How to Troubleshoot Wireless Networks
  58. Network Diagnostics
  59. How to Troubleshoot Firewall Problems