How to Allow/Open or Set custome Port on Windows Server 2016 in Firewall

Let’s explain first, what is a port. A port is a virtual point on a system where network connections begin or end. It acts like a doorway that allows data to enter or leave your system. Every time your system connects to the internet or a local network, it uses ports to talk to different services.

For example, when you open a website, your system uses a specific port to send and receive data for that website.

Each type of service uses a specific port number so your system knows where to send the data. For example:

  • Port 80 is used for normal websites (HTTP).

  • Port 443 is used for secure websites (HTTPS).

  • Port 22 is used for secure remote access (SSH).

Ports help organize and manage network traffic, so multiple services can run on the same device without interfering with each other.

Ports work with two main communication protocols: TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).

  • TCP ports are used when a reliable connection is needed — like web browsing (port 80) or email, where data must arrive in order and without loss.

  • UDP ports are used for faster communication, where speed is more important than reliability — like online gaming, video streaming, or voice calls.

On Windows Server 2016, Windows Defender Firewall is configured to allow access to known programs by default. To manually open a specific port, follow the step-by-step guide below.

Configuring Windows Defender Firewall on Server 2016

Click the Start menu, search for Windows Defender Firewall with Advanced Security, and open the application.

Alternatively, press Win + R, type wf.msc, and hit Enter.

In the left-hand panel, click Windows Defender Firewall with Advanced Security on Local Computer, then select Windows Defender Firewall Properties on the right.

image

A new window will open showing the firewall settings for Domain, Private, and Public profiles. Ensure that the Firewall state for all profiles is set to On (recommended).

Under each profile tab (Domain, Private, Public), make sure Inbound connections are set to Block (default) to prevent unauthorized access.

image

Opening an Inbound Port

In the left-hand panel of the Windows Defender Firewall with Advanced Security window, click on Inbound Rules. Then, in the right-hand Actions panel, click New Rule.

image

In the New Inbound Rule Wizard, choose Port as the rule type and click Next.

image

Select the protocol (TCP or UDP) based on your application.

Enter the port number(s) you want to open:

For example,

  • Single port: 443
  • Multiple ports: 80, 443, 8080
  • Range of ports: 1000-1010

image

Click Next, then choose Allow the connection, and click Next again.

image

Select when the rule applies (Domain, Private, Public) — check all if unsure — and click Next.

image

Give your rule a meaningful name (e.g., “Open HTTPS Port 443”) and click Finish.

image

Verify if the Port Is Open via Command Prompt

To verify which ports are currently open on your system, open Command Prompt and run:

netsh advfirewall firewall show rule name=all

image

This will display all inbound and outbound rules, including details like:

  • Rule name

  • Direction (inbound/outbound)

  • Protocol and ports

  • Action (allow/block)

  • Profile (Domain, Private, Public)

Create Outbound Rule

If the app needs to send traffic out through the same port:

Click Outbound Rules in the left panel.

Repeat the same steps as above to allow the port for outgoing connections.

Conclusion

Opening a port in Windows Firewall allows applications or services to communicate with your device over the network. Always double-check that the port is open only when necessary and close it when it's no longer in use to maintain system security.

CrownCloud - Get a SSD powered KVM VPS at $4.5/month!
Use the code WELCOME for 10% off!

1 GB RAM / 25 GB SSD / 1 CPU Core / 1 TB Bandwidth per month

Available Locations: LAX | MIA | ATL | FRA | AMS
Get Started Now!