How can I disable all inbound and outbound ports in Windows Server 2012 and enable only specific ports such as 636 and 389 (LDAP ports) and the Remote Desktop port 3389?
I have already tried creating a new custom outbound rule to block all ports and programs, but as soon as I enable this custom block rule, the other rules (which allow specific ports) stop working.
Similarly, I created a custom rule to block all inbound ports and programs and enabled it. This blocked the RDP connection and the LDAP connection even though I added new rules to allow incoming connections on the LDAP (636, 389) and RDP (3389) ports.
Best Answer
The Windows Firewall does not behave like a standard network firewall.
When you have more than one rule matching your traffic, the Block one takes precedence, regardless of rule order. If you have both an Allow and a Block rule matching the traffic, it will be blocked.
As a consequence, the rules you are probably trying to set WILL NOT WORK, as the block rules for all UDP/TCP ports will take precedence over the allow rules for RDP/LDAP:
So, what to do now from there?
1) Check out the "Override" column. There it is set to "No". You can set it to "Yes", but then you will need to specify an allowed computer or computer group... depending on your context (e.g. AD or not) this option might not apply to you:
https://technet.microsoft.com/en-us/library/cc730690(v=ws.10).aspx
2) Explicitly deny the ports that do not overlap the ones you explicitly need to allow, then allow only the ones you need to open:
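An added example of option 2 in PowerShell on Windows Server 2012 (mine, not part of the answer above): it builds Block rules whose port ranges leave out 389, 636 and 3389, so they never overlap the Allow rules and cannot win over them, then adds the Allow rules and lists the result. The rule names and the Get-ComplementRanges helper are my own; the cmdlets are the built-in NetSecurity module.

```powershell
# Added example, not from the original answer. Ports from the question:
$AllowedTcpPorts = 389, 636, 3389   # LDAP, LDAPS, RDP

# Returns the ranges covering 1-65535 WITHOUT the given ports, so Block rules
# built from them never match a port an Allow rule must serve (helper is mine).
function Get-ComplementRanges {
    param([int[]]$Ports)
    $ranges = @()
    $next = 1
    foreach ($p in ($Ports | Sort-Object -Unique)) {
        if ($p -gt $next) { $ranges += "$($next)-$($p - 1)" }
        $next = $p + 1
    }
    if ($next -le 65535) { $ranges += "$($next)-65535" }
    return $ranges
}

$blockRanges = Get-ComplementRanges -Ports $AllowedTcpPorts
# -> 1-388, 390-635, 637-3388, 3390-65535

# Inbound: this host is the LDAP/RDP server, so match on the LOCAL port.
New-NetFirewallRule -DisplayName 'Lockdown: block other TCP (in)' -Direction Inbound `
    -Action Block -Protocol TCP -LocalPort $blockRanges
New-NetFirewallRule -DisplayName 'Lockdown: allow LDAP/RDP (in)' -Direction Inbound `
    -Action Allow -Protocol TCP -LocalPort $AllowedTcpPorts

# Outbound: this host is the client, so the port that matters is the REMOTE one.
New-NetFirewallRule -DisplayName 'Lockdown: block other TCP (out)' -Direction Outbound `
    -Action Block -Protocol TCP -RemotePort $blockRanges
New-NetFirewallRule -DisplayName 'Lockdown: allow LDAP/RDP (out)' -Direction Outbound `
    -Action Allow -Protocol TCP -RemotePort $AllowedTcpPorts

# Check: no Block rule's port filter should contain an allowed port.
Get-NetFirewallRule -DisplayName 'Lockdown:*' | ForEach-Object {
    $f = $_ | Get-NetFirewallPortFilter
    '{0,-34} {1,-6} local={2} remote={3}' -f $_.DisplayName, $_.Action,
        ($f.LocalPort -join ','), ($f.RemotePort -join ',')
}
```

Only TCP is covered here; adding a matching "block all UDP" rule would also cut DNS (53) and Kerberos (88), which a domain-joined server needs. A simpler route that avoids the overlap problem entirely is to set the profile default action to Block (Set-NetFirewallProfile -All -DefaultInboundAction Block -DefaultOutboundAction Block) and keep only the Allow rules, since the default action is not a rule and so never outranks an Allow.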