Firewall allowed app still blocked in Windows 10 x64 Pro

Question

I have created a rule to allow portable Free Download Manager on D:\ , yet it doesn't connect. I'm running Windows 10 Firewall Control, also portable, and it's showing FDM blocked alerts from FDM: 'BlockedIPv4 TCP ... Block all outbound connections'. Same result with or without WFC running.

I've allowed thru both Windows Firewall direct and WFC, and still doesn't connect.

I've also had errors trying to connect from CMD, PowerShell, also any app downloads that attempt to connect to download fail. It seems anything not in Programs* wont connect. I've tried resetting all the usual: Winsocks, TCP/IP, netsh, TCP/IP, etc.

All other browsers, etc connect fine.

EDIT: I should add I've reset/restored firewall defaults multiple times.

Answer 1

That can be caused by some accidental denial in the past.

Open Windows Firewall Advanced settings. Look for any deny rules in Incoming and Outgoing sections, properties of which may point to your apps and disable the related rules.

If that didn't fix the issue, disable windows firewall temporarily to see if the apps work. Then check the Outgoing rules by enabling them one by one and see if they block that app. It takes some time to find the culprit.

Answer 2

I had the same issue on Windows Server 2019. I realized that if you use the select box and the app is in AppData folder, it will use %AppData% or similar variables and it would not work. I edited the rule and use the full path and it works now.

Answer 3

WFC windows firewall control has been installed, same problem for some rules like Microsoft Account Sign-in Assistant, ssdp discovery etc. despite being allowed. Outlook and ms account signin had problem because of MS account sign in assistant being blocked.

Found that those blocking occurs when "service" option in the rule is set exclusively for the service (rule was automatically created). After changing service option in rule to "apply to all programs and services" or "all services" solved the issue. Those apps/services not being blocked anymore.

Answer 4

Just had to debug a problem with my firewall. As suggested above, if you find disabling the firewall solves your problem then you can use logging to see what's being blocked.

1. Press the Windows key and type "firewall" then select "Firewall & network protection".
2. Make sure the Domain, Private and Public firewalls are turned on.
3. Select "Advanced settings" below.
4. Select the Windows Defender Firewall tab and click Properties in the Actions menu.
5. Inside the Properties tab, select the Customize button under Logging.
6. Note there are three tabs, one each for Domain, Private and Public. If you've already tried turning them off separately you may already know which is causing the problem, otherwise just do the same for all three.
7. Select Yes in the Log Dropped Packets dropdown menu.
8. Press OK to close the Logging Settings menu and again to close the Windows Defender Firewall Properties.
9. Replicate your problem.
10. Open the logging file from %systemroot%\system32\LogFiles\Firewall\pfirewall.log (or wherever you moved it). You'll need to use Administrator mode, e.g. run Notepad as administrator then open the file.

The logs look like this:

#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2023-07-13 14:13:16 DROP TCP 192.168.1.33 192.168.1.136 50018 8081 60 S 423005913 0 64240 - - - RECEIVE
2023-07-13 14:13:17 DROP TCP 192.168.1.33 192.168.1.136 50018 8081 60 S 423005913 0 64240 - - - RECEIVE

From this I realised the firewall is dropping incoming packets that are being sent from another device via a connection that isn't being opened from my PC, so adding the executable to the firewall won't help.