Home | Articles | Microsoft | Windows Home Server | Restoring Windows Firewall on WHS
Restoring Windows Firewall on WHS

Restoring Windows Firewall on WHS

I recently ran into a situation where I was having some issues with the Windows Firewall on my Windows Home Server, so I did what I though would help me solve my issues.  If you open the options for the Windows Firewall on your Windows Home Server, there is an advanced tab with an option to “Restore Defaults.”  I figured this would restore the Firewall to the state it ships with Windows Home Server.  Unfortunately, this isn’t the case; it restores the Firewall to a BLANK state, losing all the necessary exceptions for WHS to function properly.

I also thought I could simply just recreate the necessary exceptions bringing WHS back to a restored firewall state.  Unfortunately, this isn’t the case either.  I scoured the internet looking for the information on what exceptions to make and never really found a complete list. I searched everywhere: the technet site, Homeserver official forums, mswhs, wegotserved… everywhere.

Here is the stuff you see for defaults:

  • File and Printer Sharing – TCP 139,445 UDP 137,138
  • HTTP – TCP 55000 – Modified Scope to “My Network (subnet) only
  • HTTP – TCP 80
  • HTTPS – TCP56000 – Modified Scope to “My Network (subnet) only
  • HTTPS – TCP 443
  • RDP proxy – TCP 4125
  • Remote Desktop – TCP3389 – Modified Scope to “My Network (subnet) only
  • UPNP Framework – TCP 2689 UDP1900 – Modified Scope to “My Network (subnet) only
  • Windows Home Server Computer Backup – C:\Program Files\Windows Home Server\whsbackup.exe – Modified Scope to “My Network (subnet) only
  • Windows Home Server Transport Service – TCP 1138 – Modified Scope to “My Network (subnet) only
  • Windows Media Connect – UDP 10284 – Modified Scope to “My Network (subnet) only
  • Windows Media Connect – UDP 10283- Modified Scope to “My Network (subnet) only
  • Windows Media Connect – UDP 10282 – Modified Scope to “My Network (subnet) only
  • Windows Media Connect – UDP 10281 – Modified Scope to “My Network (subnet) only
  • Windows Media Connect – UDP 10280 – Modified Scope to “My Network (subnet) only
  • Windows Media Connect – UDP 10243 – Modified Scope to “My Network (subnet) only

The stuff you don’t see are:

  • The exception list for DomainProfile
  • The exception list for StandardProfile

What does this mean for you? If you bork your Windows Firewall, there is no simple way to restore the standard settings, until now.  The registry on your WHS actually stores all the information for your Windows Firewall; all the exceptions, your deny lists, everything.

NOTE: Editing the Registry incorrectly can cause serious, system-wide problems that may require you to re-install Windows Home Server to correct them. Microsoft nor computingondemand.com cannot guarantee that any problems resulting from the use of Registry editing can be solved. Back up your registry first, but use at your own risk.

The keys that store this information and what they contain:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
“EnableFirewall”=dword:00000001
“DoNotAllowExceptions”=dword:00000000
“DisableNotifications”=dword:00000000
“DisableUnicastResponsesToMulticastBroadcast”=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
“3389:TCP”=”3389:TCP:*:Enabled:@xpsp2res.dll,-22009″
“1900:UDP”=”1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007″
“2869:TCP”=”2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008″
“10280:UDP”=”10280:UDP:LocalSubNet:Enabled:Windows Media Connect”
“10281:UDP”=”10281:UDP:LocalSubNet:Enabled:Windows Media Connect”
“10282:UDP”=”10282:UDP:LocalSubNet:Enabled:Windows Media Connect”
“10283:UDP”=”10283:UDP:LocalSubNet:Enabled:Windows Media Connect”
“10284:UDP”=”10284:UDP:LocalSubNet:Enabled:Windows Media Connect”
“10243:TCP”=”10243:TCP:LocalSubNet:Enabled:Windows Media Connect”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System]
“SearchIndexer-1″=”V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\SearchIndexer.exe|Svc=WSearch|Name=Block all inbound traffic to SearchIndexer|”
“SearchIndexer-2″=”V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\SearchIndexer.exe|Svc=WSearch|Name=Block all outbound traffic from SearchIndexer|”
“SearchFilterHost-1″=”V2.0|Action=Block|Dir=In|App=%SystemRoot%\\system32\\SearchFilterHost.exe|Name=Block all inbound traffic to SearchFilterHost|”
“SearchFilterHost-2″=”V2.0|Action=Block|Dir=Out|App=%SystemRoot%\\system32\\SearchFilterHost.exe|Name=Block all outbound traffic from SearchFilterHost|”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
“EnableFirewall”=dword:00000001
“DoNotAllowExceptions”=dword:00000000
“DisableNotifications”=dword:00000000
“DisableUnicastResponsesToMulticastBroadcast”=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
“C:\\Program Files\\Windows Home Server\\whsbackup.exe”=”C:\\Program Files\\Windows Home Server\\whsbackup.exe:LocalSubNet:Enabled:Windows Home Server Computer Backup”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
“3389:TCP”=”3389:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22009″
“1900:UDP”=”1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007″
“2869:TCP”=”2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008″
“10280:UDP”=”10280:UDP:LocalSubNet:Enabled:Windows Media Connect”
“10281:UDP”=”10281:UDP:LocalSubNet:Enabled:Windows Media Connect”
“10282:UDP”=”10282:UDP:LocalSubNet:Enabled:Windows Media Connect”
“10283:UDP”=”10283:UDP:LocalSubNet:Enabled:Windows Media Connect”
“10284:UDP”=”10284:UDP:LocalSubNet:Enabled:Windows Media Connect”
“10243:TCP”=”10243:TCP:LocalSubNet:Enabled:Windows Media Connect”
“80:TCP”=”80:TCP:*:Enabled:HTTP”
“55000:TCP”=”55000:TCP:LocalSubNet:Enabled:HTTP”
“56000:TCP”=”56000:TCP:LocalSubNet:Enabled:HTTPS”
“1138:TCP”=”1138:TCP:LocalSubNet:Enabled:Windows Home Server Transport Service”
“139:TCP”=”139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004″
“445:TCP”=”445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005″
“137:UDP”=”137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001″
“138:UDP”=”138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002″
“443:TCP”=”443:TCP:*:Enabled:HTTPS”
“4125:TCP”=”4125:TCP:*:Enabled:RDP proxy”

I have also created an export of these settings for the “Just in case” scenario.  However, in the interest of your own personal security; if you choose to download this file and import it, always verify its contents.  If you right click on the .reg you can click “EDIT”.  Make sure its contents match those listed here.

To restore your Firewall:

  1. Remote Desktop into your WHS
  2. Open Windows Firewall from Control Panel
  3. Click the Advanced Tab
  4. Click “Restore Defaults” and whatever it prompts you for after
  5. download the .reg file to your WHS: firewall-policy
  6. Double click to Import or Right Click and select import (FROM YOUR WHS!!!!)

Click to download: firewall-policy

About Joe DiFiglia

I have always had a passion for everything computing. In early 2000, I decided to take my passion to the web. Thus, C.O.D. was born. Through the years we have made many great friends at C.O.D. and hope to continue our journey for years to come.