Recently I had to manually open ports TCP on Windows 8.1
Usually what is open by default in Windows is enough, but if you are experiencing problems, for example, connecting to the mail server, and the usual ways to solve such problems (clearing the cache, changing security settings, disabling firewall) do not help, you may need to open one or another port for network connections.

Wikipedia: The term firewall or its English equivalent firewall is also used to mean “firewall”.
TLS (English Transport Layer Security - transport layer security, like its predecessor SSL (English Secure Socket Layers - secure socket layer) - cryptographic protocols that provide secure data transfer between nodes on the Internet.
SMTP uses TCP port 25 by default. SSL protocol for sending mail uses port 465 by default.
POP3 uses TCP port 110 by default. TLS protocol for receiving mail uses port 995 by default.

In order to open TCP or UDP ports, you must:

1. Click the button and go to Applications Windows 8.1.
2. Find and click the icon Control Panel.
3. Select Windows Firewall.
4. In the left panel Control Panel\All Control Panel Items\Windows Firewall click on Extra options.
5. A window will open.
6. In case of request from UAC Enter the administrator password to confirm the action.

Wikipedia: User Account Control(English: User Account Control, UAC) - component of operating systems Microsoft Windows, first appeared in Windows Vista. This component prompts you to confirm actions that require administrator rights to help protect against unauthorized use of your computer. The computer administrator can disable User Account Control in the Control Panel.

7. Click on Rules for incoming connections in the left pane of the window Windows Firewall with Advanced Security incoming connections, for example, for port 995 of the mail server, or on Rules for outgoing connections, if you need to create a rule for outgoing connections, for example, for port 465 of the mail server.

8. Click on Create a rule... in the right panel.
9. After this a window will open Wizard for creating a rule for a new outgoing connection. Select a button For port and press the button Further:

10. Choose TCP protocol And Specific Remote Ports, we enter, for example, required number port 465 and press the button Further:

11. Choose Allow connection and press Further:

12. Select the profile to which the rule applies:

13. We indicate Name And Description of this rule and press the button Ready.

All! The port is open to network connection. If you need to open multiple ports, you must repeat the above steps for each port separately.

Settings Wi-Fi router carried out in its control panel via the web interface. Therefore, configuration changes can be accessed through any browser. To do this, just open page 192.168.0.1 or 192.168.1.1 (depending on the router model). Next you will need to enter your username and password. By default, both of these parameters are set to admin.

If the default username and password do not work, and you did not change these data, they may have been changed by the wizard when connecting or setting up the Internet. For security reasons, some providers change the default login information. In this case, they can be found in the contract or at the bottom of the router, on a separate sticker.

Advice! Don't forget to change your login details Wi-Fi settings router. You can do this in the “System Tools -> Password” menu.

Changing your password will significantly secure your network and help prevent unauthorized access or resets. The settings will take effect after the device is rebooted.

If authorization in the router control panel is successful, a status page will open, which displays basic information about the router, Wi-Fi wireless broadcast data and the status of the current Internet connection.

Preconfiguration for port forwarding

Before forwarding, you need to change the settings for the distribution of local IP addresses within the network created by the TP-Link router. The device on which it will be used in the future open port, you need to set a constant internal address. DHCP is responsible for addressing within the local network, so you need to open the menu “DHCP -> List of DHCP Clients”. This window will display a list of devices connected to your network. Are looking for required device by name and copy its MAC address.

In the case shown in the screenshot, finding the necessary device was not difficult, since in home network only one device was registered. However, there are situations when a significant number of devices are connected to the network, and the name required computer unknown or not displayed. In this case, you can find out the computer address directly through the operating system. The easiest way is to use a special command on the command line.

Press Win+R keys to open the run window new program. In it, enter cmd and click OK.

After entering the getmac command, you will receive the necessary data that you will later need to forward ports on your TP-Link router.

If an error occurs when executing a command, it is recommended to repeat the operation by running the command prompt as an administrator.

After this, you need to open the menu “DHCP -> DHCP Settings”. This page will display the range of IP addresses within which the computers on your network are addressed. In the case in the screenshot, the starting address is: 192.168.0.100, the ending address: 192.168.0.199. This data will be needed in the next step.

Next, you need to open the “DHCP -> Address Reservation” page and click the “Add new...” button. Without completing this step, port forwarding on a TP-Link router will not bring the desired result, since the computer will be assigned a new local address each time.

In the "MAC Address" field, paste the combination that you copied from the list of DHCP clients or the command line. In the “Reserved IP address” field, enter any address that is within the range specified in the DHCP settings of the TP-Link router. Click the "Save" button.

The added MAC address to IP binding will appear in the list, but for normal operation of address reservation, you will need to restart the Wi-Fi router, which the system will warn you about.

Reboot TP-Link router You can programmatically in the menu “System Tools -> Reboot”.

Opening ports on a TP-Link router

After completing these preparatory steps, you can begin to directly open the ports. In order to open them on the TP-link router, go to the menu “Forwarding -> Virtual servers" and select adding a new entry

Fill in the fields with port numbers. In the IP address field, enter the value that you have reserved for your computer. If necessary, select a protocol. In the “Status” field, leave the “Enabled” checkbox so that the settings take effect immediately after rebooting the Wi-Fi router. If you want to forward standard ports of one of the services, you can do this by selecting the required service in the last drop-down list. There is no fundamental difference between entering it manually and selecting from a list, but this function can be useful if you do not remember the port number that needs to be opened.

The TP-Link Wi-Fi router offers the following services for which you can forward standard ports:

• GOPHER
• TELNET

The maximum number that can be opened on TP-Link: 65535.

In some cases, it may be necessary not to simply forward, but to dynamically open ports in response to an incoming event. You can configure this function in the adjacent menu: “Forwarding -> Port Triggering”. The most common use for this setting is working with complex applications that receive many incoming connections (online games, Internet telephony, and video conferencing applications). To create a new Port Triggering entry, click Add New.

For some software products to function correctly, certain ports must be opened. Let's establish how this can be done for Windows 7.

Before opening the port, you need to have an idea of ​​why you are performing this procedure and whether it needs to be done at all. After all, this can serve as a source of vulnerability for the computer, especially if the user gives access to unreliable applications. At the same time, some useful software products require specific ports to be opened for optimal operation. For example, for the game Minecraft it is port 25565, and for Skype it is 80 and 433.

This problem can be solved using built-in Windows tools(Firewall and Command Line settings), and using separate third party programs(for example, Skype, uTorrent, Simple Port Forwarding).

But you should remember that if you are not using a direct connection to the Internet, but a connection through a router, then this procedure will only bring results if you open it not only in Windows, but also in the router settings. But we will not consider this option, since, firstly, the router is indirectly related to the operating system itself, and secondly, the settings of certain brands of routers differ significantly, so there is no point in describing a specific model.

Now let's look at specific opening methods in more detail.

Method 1: uTorrent

Let's start looking at ways to solve this problem in Windows 7 with an overview of actions in third-party programs, in particular in the uTorrent application. It must be said right away that this method Suitable only for those users who have a static IP.

1. Open uTorrent. Click on the menu "Settings". Move by position in the list "Program settings". You can also use a combination of buttons Ctrl+P.



2. The settings window opens. Move to section "Compound" using the side menu.



3. In the window that opens, we will be interested in the parameter block "Port Settings". To the region "Incoming connection port" enter the number of the port you need to open. Then click "Apply" And "OK".



4. After this action, the specified socket (port bound to a specific IP address) must be open. To check this, click on the uTorrent menu "Settings", and then go to the item "Setup Assistant". You can also use a combination Ctrl+G.



5. The Setup Assistant window opens. Check off the item "Speed ​​Test" can be removed immediately, since this block is not needed for the task at hand, and checking it will only take time. We are interested in the block "Net". There must be a check mark next to its name. In field "Port" should be the number that we opened earlier through the uTorrent settings. It is pulled into the field automatically. But if for some reason a different number is displayed, you should change it to the right option. Next click "Test".



6. The procedure is running to check whether the socket is open.



7. After the verification procedure is completed, a message will be displayed in the uTorrent window. If the task is completed successfully, the message will be as follows: "Results: the port is open". If the task cannot be completed, as in the image below, the message will be as follows: . Most likely, the reason for the failure may be that the provider provides you with a dynamic IP rather than a static one. In this case, you will not be able to open the socket via uTorrent. How to do this for dynamic IP addresses in other ways will be discussed below.

Method 2: Skype

The next way to solve the problem involves using a program to Skype communication. This option is also suitable only for those users to whom the provider has allocated a static IP.

Method 3: "Windows Firewall"

This method involves performing manipulations through the Windows Firewall, that is, without using third party applications, but only using the resources of the operating system itself. This option is suitable for both users using static IP address, and those using dynamic IP.

1. To launch Windows Firewall, click "Start", then click on "Control Panel".



2. Next click "System and safety".



3. After that press "Windows Firewall".

   

   There is also a faster option for going to the desired section, but it requires memorizing a specific command. It is carried out using a tool "Run". Call it by clicking Win+R. Enter:

   Click "OK".



4. Any of these actions will launch the Firewall configuration window. In the side menu, click "Extra options".



5. Now use the side menu to navigate to the section "Rules for incoming connections".



6. The Inbound Rules Management Tool opens. To open a specific socket, we have to form a new rule. In the side menu, click "Create a rule...".



7. The rule generation tool is launched. First of all, you need to choose its type. In the block “What type of rule do you want to create?” set the radio button to position "For the port" and click "Further".



8. Then in the block "Specify the protocol" leave the radio button in position "TCP Protocol". In the block "Specify ports" put the radio button in position . In the field to the right of this parameter, enter the number of the specific port that you are going to activate. Click "Further".



9. Now you need to specify an action. Set the switch to position "Allow connection". Click "Further".



10. Then you should specify the type of profiles:
    • Private;
    • Domain;
    • Public.

    There should be a check mark next to each of these items. Click "Further".



11. In the next window in the field "Name" you need to specify an arbitrary name for the rule being created. In field "Description" You can optionally leave a comment on the rule, but this is not required. After this you can click "Ready".



12. So, a rule for the TCP protocol has been created. But to ensure correct operation, you also need to create a similar entry for UDP for the same socket. To do this, press again "Create a rule...".



13. In the window that opens, again set the radio button to the position "For the port". Click "Further".



14. Now set the radio button to position "UDP Protocol". Below, leaving the radio button in position "Specific local ports", we set the same number as in the situation described above. Click "Further".



15. In the new window we leave the existing configuration, that is, the switch should be in the position "Allow connection". Click "Further".



16. In the next window, again make sure that the checkboxes next to each profile are checked, and click "Further".



17. At the final step in the field "Name" enter the name of the rule. It must be different from the name that was assigned to the previous rule. Now you should press "Ready".



18. We have created two rules that will ensure that the selected socket is activated.

Method 4: "Command Line"

You can complete the task using the Command Line. It must be activated with administrative rights.

Method 5: Port Forwarding

Let’s complete this lesson by describing a method using an application that is specifically designed to perform this task - Simple Port Forwarding. Application the specified program is the only option of all those described, by performing which you can open a socket not only in the OS, but also in the router parameters, and the user does not even have to go into its settings window. Thus, this method is universal for most router models.

1. After launching Simple Port Forwarding, first of all, for greater convenience of working in this program, you need to change the interface language from English, which is installed by default, to Russian. To do this, click on the field in the lower left corner of the window in which the name of the current program language is indicated. In our case it is "English I English".



2. A large list of different languages ​​opens. Select in it "Russian I Russian".



3. After this, the application interface will be Russified.



4. In field "Router IP address" Your router's IP should automatically appear.

   

   If this does not happen, then you will have to drive it in manually. In the vast majority of cases this will be the following address:

   But it’s still better to make sure it’s correct through "Command line". This time it is not necessary to run this tool with administrative rights, and therefore we will launch it more in a fast way than we considered earlier. Dial Win+R. In the field that opens "Run" enter:

   Click "OK".

   

   Into the opened window "Command line" enter the expression:

   Click Enter.

   

   This will display basic connection information. We need the value opposite the parameter "Main gate". This is what should be entered in the field "Router IP address" in the Simple Port Forwarding application window. Window "Command line" We don’t close it yet, since the data displayed in it may be useful to us in the future.



5. Now you need to find the router through the program interface. Click "Search".



6. A list with the name opens various models more than 3000 routers. In it you need to find the name of the model to which your computer is connected.

   

   If you don’t know the model name, then in most cases it can be seen on the router case. You can also find out its name through the browser interface. To do this, enter in address bar any web browser the IP address that we previously determined through "Command line". It is located near the parameter "Main gate". After it is entered into the address bar of the browser, click Enter. The router settings window will open. Depending on its brand, the model name can be viewed either in the window that opens or in the name of the tab.

   

   After this, find the name of the router in the list provided in the Simple Port Forwarding program and double-click on it.



7. Then in the program fields "Login" And "Password" standard for specific model router data account. If you previously changed them manually, you should enter the current ones on this moment login and password.



8. Next, click on the button "Add Entry" ("Add a note") in the form of a sign «+» .



9. In the window that opens for adding a new socket, click the button "Add special".



10. Next, a window opens in which you need to specify the parameters of the socket to open. In field "Name" write down any arbitrary name, not exceeding 10 characters in length, by which you will identify this entry. In area "Type" leave the parameter "TCP/UDP". This way we won't have to create a separate entry for each protocol. In area "Start Port" And "Terminal port" Enter the number of the port you are going to open. You can even enter a whole range. In this case, all sockets of the specified number interval will be opened. In field "IP address" The data should be pulled up automatically. Therefore, do not change the existing value.

    

    But just in case, you can check it. It must correspond to the value that is displayed next to the parameter "IPv4 address" in the window "Command line".

    

    After all the specified settings have been made, click the button in the Simple Port Forwarding program interface "Add".



11. Then, to return to the main program window, close the add port window.



12. As you can see, the entry we created appeared in the program window. Select it and click "Run".



13. After this, the socket opening procedure will be performed, after which the following message will be displayed at the end of the report: "Adding complete".



14. So, the task has been completed. Now you can safely close Simple Port Forwarding and "Command line".

As you can see, there are many ways to open a port, both using built-in Windows tools and using third-party programs. But most of them will only open the socket in the operating system, and opening it in the router settings will have to be done separately. But there are still separate programs, for example Simple Port Forwarding, that will allow the user to cope with both of the tasks mentioned above simultaneously without manual manipulation of the router settings.

The modern Internet is not only a collection of web pages linked by hyperlinks. The term “Internet” includes any digital information, sometimes used completely different devices. Torrent clients, file sharing networks, software components automatic update, numerous instant messengers and “smart” gadgets - they all use Internet traffic, and it can be transmitted through the same server. In theory, when one server serves tens of thousands of different services, real confusion should arise, but this does not happen, because each client has its own IP address on the network. But this may not be enough.

What are ports in Windows 7/10 and why are they needed?

To distinguish between requests and optimize the connection, protocols and ports are also used. The latter will be discussed today. So what are ports, why are they needed, how can you find out which ports are open on your computer and why should they be open or, on the contrary, closed?

Port is a virtual unit, channel, connection number with remote client or a server allocated to a particular program. Unclear? Let's try to explain more clearly. Imagine a huge building with 65,535 doors. These doors are not simple, leading to internal rooms, but magical, leading to other similar buildings. The house with many doors is your computer, and the doors are ports through which programs establish connections with other computers.

When an application wants to access the network, it reserves a specific port number for itself, so there is no confusion when exchanging numerous data. When the program exits, the port is released, although some ports have their own exceptions. For example, ports 80 and 443 must be open at all times, otherwise some programs will not be able to connect to the Internet, unless their algorithms provide the ability alternative connection. It is advisable to keep other ports locked to avoid network attacks and exploitation by malware.

How to check if a port is open

The concept of a “port” is more or less understood, now let’s find out how to check whether a port is open on a computer or not. There are several ways to check the availability or unavailability of a port(s). The simplest and most obvious is to use online services PortScan.ru or 2ip.ru. To determine whether a port is explicitly open or not, you need to enter its number in a special field and click the “Check” button.

PortScan.ru and similar services also often provide scanner services for open ports on a computer.

You can also view open ports in Windows 7/10 using a regular command line or console PowerShell running with administrator rights. To do this, run the following command in the console:

netstat -aon | more

This will give you a list of active connections. The “Local Address” column will indicate the IP and the actual port number that is currently open. Please also pay attention to the connection status. LISTENING means the port is just listening (waiting for a connection), ESTABLISHED– there is active data exchange between network nodes, CLOSE_WAIT– waits for the connection to be closed, TIME_WAIT indicates that the response time has exceeded.

Alternatively, you can use free utility CurrPorts from the famous developer NirSoft.

The advantages of this utility are that it visually shows not only the local and remote ports used, but also the processes and services associated with them, as well as the paths to them. executable files, their version, description and much more useful information. Additionally, CurrPorts can be used to close selected connections and terminate processes on selected ports.

How to open ports on a computer using Windows

We already know how to determine open ports, now let's see how to open ports on Windows 7/10. As a rule, the standard Windows firewall is used for these purposes. Let's assume that we have closed the used mail clients under the SMTP protocol port 25, and we need to open it. Launch the standard firewall and click on the “Advanced settings” link on the left.

In the new window select Rules for incoming connections – Create a rule.

The rule type must be selected “For port”, the protocol is left as default, that is, TCP, and in the “Specified local ports” field we enter the number of the port we need.

If you need to open several ports, add them separated by commas. Click “Next” and specify the action, in this case “Allow connection”.

And finally, we move on to the last stage of configuration - assigning a name to the rule. The name can be arbitrary, the main thing is that it reflects the essence of the rule.

Why should ports 80 and 443 be open?

Among the many ports, there are those that are reserved popular programs default. For example, ports 80 and 443 are used primarily by browsers (80 for regular and 443 for secure encrypted connections). If these ports are closed, problems may occur. certain problems when connecting to gaming and cloud services, conducting transactions and the like. However, you should not rush to open ports 80 and 443 if they were closed as a result of the scan. If there are no connection problems, it is better to leave everything as it is.

How to find out which ports a specific program is using

You already know how to open a port on a computer with Windows 7/10, now let's see how to determine which program or process is using a particular port. To search for open ports on a PC, we have already suggested using the CurrPorts utility. With its help, you can quickly determine the port used by any network program running on the computer.

Let's say we want to find out which port the program for hiding the IP address occupies FreeHideIP. We launch the CurrPorts utility, find the FreeHideIP process in the first column and look in the “Local Ports” column for the number of the port it uses.

You can determine the port used by the program without any third party tools, using Windows itself. Let's resort to the help of an already familiar utility netstat. Open a command line or PowerShell console as an administrator and run the following command;

netstat -aonb | more

This time we added the parameter to the list of enabled keys b, responsible for displaying the process name. For example, in the attached screenshot you can see that one of the processes Chrome browser with ID 5732 is currently using local port 61233. In principle, you can not use the b key, but then you will need Task Manager.

We find the application process in the Manager, look at its identifier and compare it with the data in the PID column on the command line. But why make extra movements if there is a shorter way?

Good afternoon, dear readers and guests of the blog, we continue to study security in operating systems Microsoft, last time we solved the problem with the long search for Windows 7 updates, installed them and now the system is more protected from the outside world, in today’s article I will touch on such a topic as what ports are and how open port 443 in windows, in a minute. This material will be useful for system administrators and developers.

What are ports in Windows

Let me try to explain in simple terms what a port is. Let's imagine a large microdistrict with big amount multi-storey buildings, each of them has apartments with residents, a total of 65,536, each apartment has its own unique serial number. Now let’s imagine that you need to get to your friend Vasya, who lives in apartment 1443, what are you doing? Go to the right house with that apartment number, then you need to drop by Marina, who lives in apartment 80, and now imagine that instead of you this your computer and instead of your friends, these are ports. Each such port is unique and is responsible for responding to the user for a specific service, for example,

• 80 is an http service that responds to you when you request site pages
• 1433 is the SQL service port
• 443 - https is an encrypted version of http, using SSL certificates.

From the above, there are two types of ports:

1. Rigidly reserved for certain services. These are ports that are used exclusively by certain programs. The range of such ports is from 0-1024, but there are also higher ones, the same 1433 for SQL or 55777 Vipnet.
2. Dynamic, used for the user's everyday things. This is the range after 1024, and they are used, for example, in the following context: download a file, your computer uses one port, watch an online movie, your computer uses a second port, and so on. As soon as the data transfer ends, the port is released.

Ports are also very often associated with sockets, which I have already talked about, I advise you to take a look.

What is port 443?

As I wrote above, it is most often used in two things, the first is, of course, the overwhelming number of sites operating using the https protocol on 443 ports, and the second is in encrypted data transmission channels. About 5 years ago, it was used mainly by online banks and online stores where they paid electronic cards, now search engines, they are trying and pushing all webmasters to transfer their resources to the 443 connection.

Why might the port not work?

Let's look at the question. For what reasons might port 443 be closed?

• By default, when you first installed Windows, all external ports are closed by default as part of the security policy, and this is correct. They are blocked by the built-in Windows Firewall program or by a simple firewall.
• Your network administrator could have blocked the required port, since he has mechanisms such as group policy or access to a proxy server.
• Socket 443 is blocked on the router

If port 443 is closed, this means that:

• If your computer has a program or utility that connects to port 443, it will not be able to do this
• A computer from outside will not be able to access the service hosted by you, for example, a website.

How to open port 443 on windows 7, 8.1 and 10

I will tell you how to open port 443 on Windows 7, but everything described below will be relevant and can be done one to one on modern operating systems Windows systems 10 and server editions. Procedure:

• Press Win+R and enter firewall.cpl, this is quick call snap firewall, full list commands

• Or you can use the classic way, which is to open the "Start" button and

• Select the classic view with large icons in the upper right corner and click on the firewall icon.

• If you need to quickly test a 443 connection, then I advise you to completely disable the firewall, especially if time is of the essence; to do this, open the corresponding item.

To disable, select the appropriate items, in fact, now all Windows 7 ports will be open. After testing, do not forget to turn everything on.

Now the correct option is to go to the advanced firewall settings. You will be taken to enhanced security mode, this is where you can open port 443 windows.

• Go to "Rules for incoming connections", if you need to be connected to you via a 443 connection, if you need to be able to connect, provided that it is closed, then select "Rules for outgoing connections". Right-click and select "Create Rule"

• Here we are interested in two points, the first is “For the program”, it is convenient because you allow a specific program all connections through the firewall, the disadvantage is that if it has dependent programs, it may not work completely or will not work at all, the second option for a port, it’s convenient because once you open the required port, you don’t need to think about which program you should allow it for. A simple example: you use socket 80, at first it worked on Apache, then you replaced it with IIS, you didn’t have to change anything in the firewall.

• If you choose the second option, then specify the TCP or UDP protocol (for greater security)

• If you chose the first item with the program, then you need to specify the path to it, to the exe file.

• We indicate the action, in this case “allow”, since we do not need to open port 443.

• Next, we indicate which network profile it will be applied to, domain for local networks of organizations, private for home networks, and public for the outside world.

• We all set a name for the rule being created and click ready.

If you made a mistake or something changed, you can always change the settings through properties.

How to open port 443 on windows 7 via command line

When you get used to it and you get tired of clicking the same type of windows in Windows Firewall or you want to automate everything, then the command line running with administrator rights will help you with this. You need to run the following command:

netsh advfirewall firewall add rule name="Open port 443-2" protocol=TCP localport=443 action=allow dir=IN

1. netsh advfirewall firewall add rule - adding a rule
2. name - name
3. protocol - protocol type
4. localport - port to open
5. action - action
6. dir - connection type (incoming or outgoing)

Let's check the addition of our rule.

What to do if the port is closed?

Now we are talking. about situations when 443 connection is blocked system administrator or Internet provider. In both cases, you need to contact higher authorities and tell them that you need to open port 443 windows; you won’t be able to do it on your own. Still very a common question, it happens how to do all the same actions on network devices, there is no definite answer, since everyone does this differently, study the documentation. From my own experience, I can say for sure that providers like to lock 25 SMTP connections to prevent spam from being sent. I am sure that you now know how to open everything and will be able to use it in practice.