How to Allow/Open or Set custom Port on Windows Server 2019 in Firewall

---

Let’s explain first, what is a port. A port is a virtual point on a system where network connections begin or end. It acts like a doorway that allows data to enter or leave your system. Every time your system connects to the internet or a local network, it uses ports to talk to different services.

For example, when you open a website, your system uses a specific port to send and receive data for that website.

Each type of service uses a specific port number so your system knows where to send the data. For example:

• Port 80 is used for normal websites (HTTP).

• Port 443 is used for secure websites (HTTPS).

• Port 22 is used for secure remote access (SSH).

Ports help organize and manage network traffic, so multiple services can run on the same device without interfering with each other.

Ports work with two main communication protocols: TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).

• TCP ports are used when a reliable connection is needed — like web browsing (port 80) or email, where data must arrive in order and without loss.

• UDP ports are used for faster communication, where speed is more important than reliability — like online gaming, video streaming, or voice calls.

On Windows Server 2019, Windows Defender Firewall is configured to allow access to known programs by default. To manually open a specific port, follow the step-by-step guide below.

Configuring Windows Defender Firewall on Server 2019

---

Open Windows Defender Firewall with Advanced Security from the Start menu or by running wf.msc.

In the Windows Defender Firewall with Advanced Security on Local Computer window, click on Windows Defender Firewall Properties.

Ensure that the Firewall state for all profiles is set to On (recommended).

Set Inbound connections to Block (default).

This ensures that only manually added firewall rules will be allowed through.

Opening an Inbound Port

---

In the left-hand panel of the Windows Defender Firewall with Advanced Security window, click on Inbound Rules. Then, in the right-hand Actions panel, click New Rule.

In the New Inbound Rule Wizard, choose Port as the type of rule and click Next.

Select the protocol (TCP or UDP) based on your application.

Enter the port number(s) you want to open:

For example,

• Single port: 443
• Multiple ports: 80, 443, 8080
• Range of ports: 1000-1010

Click Next, then choose Allow the connection, and proceed.

Select when the rule applies (Domain, Private, Public) — check all if unsure — and click Next.

Give your rule a meaningful name (e.g., “Open HTTPS Port 443”), and click Finish.

Confirm the Port is Open

---

To verify which ports are currently open, open Command Prompt and run:

netsh advfirewall firewall show rule name=all

Create Outbound Rule

---

If the app needs to send traffic out through the same port:

Click Outbound Rules in the left panel.

Repeat the same steps as above to allow the port for outgoing connections.

Conclusion

---

Opening a port in Windows Firewall allows applications or services to communicate with your device over the network. Always double-check that the port is open only when necessary and close it when it's no longer in use to maintain system security.