Use this wizard page to specify which protocol and which port or ports specified in a network packet match this connection security rule. Only network traffic that matches the criteria on this page and the Endpoints page match the rule and are subject to its authentication requirements.

To get to this wizard page
  1. In the Windows Firewall with Advanced Security MMC snap-in, right-click Connection Security Rules, and then click New Rule.

  2. On the Rule Type page, select Custom.

  3. In Steps, click Protocol and Ports.

Protocol type

Select the protocol whose network traffic you want protected by this connection security rule. If the protocol you want is not in the list, select Custom, and then type the protocol number in Protocol number.

If you choose TCP or UDP from the list, then you can type the TCP or UDP port numbers in Endpoint 1 port and Endpoint 2 port.

Protocol number

When you select a protocol type, the corresponding protocol identification number is automatically displayed in Protocol number and is read-only. If you select Custom for protocol type, then you must type the protocol identification number in Protocol number.

Endpoint 1 port

This option is available only if the protocol is set to TCP or UDP. Use this option to specify the port number used by the computer that is part of Endpoint 1. If you select All ports, then all network traffic for the protocol you selected matches this connection security rule. If you select Specific Ports, then you can type the port numbers in the box under the list. Separate port numbers with commas.

Notes
  • If the Do not authenticate option on the Requirements page has been selected for this rule, then you can type port numbers in a range by separating the low and high values with a hyphen, as shown:
  • 80, 445, 5000-5010

Endpoint 2 port

This option is available only if the protocol is set to TCP or UDP. Use this option to specify the port number used by the computer that is part of Endpoint 2. If you select All ports, then all network traffic for the protocol you selected matches this connection security rule. If you select Specific Ports, then you can type the port numbers in the box under the list. Separate port numbers with commas.

Notes
  • If the Do not authenticate option on the Requirements page has been selected for this rule, then you can type port numbers in a range by separating the low and high values with a hyphen, as shown:
  • 80, 445, 5000-5010

How to change these settings

After you create the connection security rule, you can change these settings in the Connection Security Rule Properties dialog box. This dialog box opens when you double-click a rule in Connection Security Rules. To change the protocols and port numbers, click the Protocols and Ports tab.

Additional references


Table Of Contents