So far, we have learned about the Windows Firewall. In the previous article, we learned how to disable Windows Firewall using the GUI (Graphical User Interface). The objective of this article is to disable Windows Firewall using cmd (command prompt).
How to Enable or Disable Windows Firewall?
As we know, Windows Firewall is enabled by default on the Microsoft operating system. For many reasons, you may need to disable the Windows Firewall. To disable Windows Firewall, we can either use the Graphical User Interface (GUI) or the command prompt (cmd). This article will guide you on how to disable Windows Firewall using cmd.
Steps to disable Windows Firewall using cmd
- Open cmd with Administrator privileges.
- Then, use the command below to disable Windows Firewall.
NetSh Advfirewall set allprofiles state off
- To enable Windows Firewall again, use the command below.
NetSh Advfirewall set allprofiles state on
- Last, if you want to know the status of the Windows Firewall, you can use the following command.
Netsh Advfirewall show allprofiles
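After toggling the firewall, the status output is worth checking for every profile rather than by eye. The following is an added example, not part of the original article: it parses a constructed, trimmed sample of the `Netsh Advfirewall show allprofiles` output and lists profiles that are off, allow inbound traffic by default, or do not log dropped connections. The function names and sample text are assumptions made for illustration, and the layout assumes an English-language system.

```python
import re

# Constructed, trimmed sample of `netsh advfirewall show allprofiles` (English locale).
SAMPLE_OUTPUT = """\
Domain Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
LogDroppedConnections                 Disable
Private Profile Settings:
State                                 OFF
Firewall Policy                       BlockInbound,AllowOutbound
LogDroppedConnections                 Enable
Public Profile Settings:
State                                 ON
Firewall Policy                       AllowInbound,AllowOutbound
LogDroppedConnections                 Enable
"""

PROFILE_RE = re.compile(r"^(\w+) Profile Settings:\s*$")
SETTING_RE = re.compile(r"^(\S+(?: \S+)*?)\s{2,}(\S.*?)\s*$")

def parse_profiles(text):
    """Return {profile: {setting: value}} parsed from the netsh output."""
    profiles, current = {}, None
    for line in text.splitlines():
        header = PROFILE_RE.match(line)
        setting = SETTING_RE.match(line)
        if header:
            current = profiles.setdefault(header.group(1), {})
        elif setting and current is not None:
            current[setting.group(1)] = setting.group(2)
    return profiles

def findings(profiles):
    """Return (profile, issue) pairs for settings a defender should review."""
    issues = []
    for name, cfg in profiles.items():
        if cfg.get("State", "").upper() != "ON":
            issues.append((name, "firewall is off"))
        if cfg.get("Firewall Policy", "").startswith("AllowInbound"):
            issues.append((name, "default inbound policy is allow"))
        if cfg.get("LogDroppedConnections") != "Enable":
            issues.append((name, "dropped connections are not logged"))
    return issues

if __name__ == "__main__":
    for profile, issue in findings(parse_profiles(SAMPLE_OUTPUT)):
        print(f"{profile}: {issue}")
```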
Advanced netsh configuration of Windows Firewall
So far, we have discussed some simple commands to enable or disable Windows Firewall. But cmd can also be used for the advanced configuration of the Windows Firewall. Now, we will discuss the topics below one by one and learn the complete configuration of the Windows Firewall. Before we start, we need to know about the various profiles that are built into the operating system:
Disable ICMP Protocol:
ICMP stands for Internet Control Message Protocol; ping (Packet InterNet Groper) relies on it. By default, ICMP is blocked on the public network profile and allowed in the private profile. If we need to block "ping", we have to block ICMP network packets. The commands below add a rule for ICMP in the inbound direction on the IPv4 network: the first blocks "ping" requests, the second allows them. After the block command is applied, your system will drop all inbound ICMPv4 packets. Because a block rule takes precedence over an allow rule, remove the block rule before relying on the allow rule.
netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=block protocol=icmpv4
netsh advfirewall firewall add rule name="All ICMP V4" dir=in action=allow protocol=icmpv4
Monitor Firewall Logs:
By default, the log of Microsoft Windows Firewall is "\Windows\system32\LogFiles\Firewall\pfirewall.log", and we can change it to a particular file at a particular location. We must audit firewall logs so that we can identify a particular threat or network that tries to attack our system. We can configure the log file using the command below in the command prompt:
netsh advfirewall set currentprofile logging filename "C:\pfirewall.log"
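To make the audit step concrete, here is an added example (not from the original article) that reads entries in the pfirewall.log layout, using the `#Fields` header to name the columns, and summarises inbound drops per source address, including sources dropped on several distinct ports. The log lines are constructed with documentation-range addresses, and the function names and the three-port threshold are assumptions. It also assumes dropped-connection logging is turned on, for example with `netsh advfirewall set currentprofile logging droppedconnections enable`, since setting the filename alone does not start logging drops.

```python
from collections import defaultdict

# Constructed sample in the pfirewall.log layout (documentation-range addresses).
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2024-03-01 10:15:01 DROP TCP 203.0.113.7 192.0.2.10 51514 3389 52 S 1234 0 64240 - - - RECEIVE
2024-03-01 10:15:02 DROP TCP 203.0.113.7 192.0.2.10 51515 445 52 S 1299 0 64240 - - - RECEIVE
2024-03-01 10:15:03 DROP TCP 203.0.113.7 192.0.2.10 51516 22 52 S 1377 0 64240 - - - RECEIVE
2024-03-01 10:15:09 ALLOW TCP 192.0.2.10 198.51.100.20 49822 443 0 - 0 0 0 - - - SEND
2024-03-01 10:16:00 DROP ICMP 198.51.100.9 192.0.2.10 - - 60 - - - - 8 0 - RECEIVE
2024-03-01 10:17
"""

def parse_log(text):
    """Map each entry to the column names given in the #Fields header."""
    fields, rows = [], []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            parts = line.split()
            if fields and len(parts) == len(fields):  # skip truncated lines
                rows.append(dict(zip(fields, parts)))
    return rows

def dropped_inbound(rows):
    """Return {src_ip: (drop_count, sorted distinct dst ports)} for inbound drops."""
    count, ports = defaultdict(int), defaultdict(set)
    for r in rows:
        if r["action"] == "DROP" and r["path"] == "RECEIVE":
            count[r["src-ip"]] += 1
            if r["dst-port"].isdigit():  # ICMP entries carry "-" here
                ports[r["src-ip"]].add(int(r["dst-port"]))
    return {ip: (n, sorted(ports[ip])) for ip, n in count.items()}

def multi_port_sources(summary, min_ports=3):
    """Sources dropped on at least min_ports distinct ports (a probing pattern)."""
    return sorted(ip for ip, (_, p) in summary.items() if len(p) >= min_ports)

if __name__ == "__main__":
    summary = dropped_inbound(parse_log(SAMPLE_LOG))
    for ip, (n, ports) in summary.items():
        print(f"{ip}: {n} drops, ports {ports}")
    print("review:", multi_port_sources(summary))
```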
Configure Firewall Ports:
As we know, ports are virtual paths from source to destination. To secure our network, we must disable or close unused ports. Windows Firewall, like other firewalls, can be used to disable or enable various ports. To disable or enable particular ports, we can use the following commands in the Windows command prompt:
netsh advfirewall firewall add rule name="Example Communication Port 80" dir=in action=allow protocol=TCP localport=80
netsh advfirewall firewall add rule name="Example Communication Port 80" dir=out action=allow protocol=TCP localport=80
Disable or Enable Windows Program:
As we know, Windows Firewall can be used to block or allow a Windows program. Whether a program can reach the internet or not depends on rules like the following:
netsh advfirewall firewall add rule name="Your Application" dir=in action=allow program="C:\ProgramExample.exe"
Note: This is a sample program. You can configure your own program by giving the correct directory and the correct program name.
Enable RDP (Remote Desktop Protocol):
Remote Desktop Connection, commonly known as RDP, can be used to take control of the console of a remote system. That particular user can be on a private network or on a public network. We commonly enable RDP on Microsoft Server editions like Windows Server 2012 R2. To enable RDP, use the first command below; the second command disables it again:
netsh advfirewall firewall set rule group="remote desktop connection" new enable=Yes
netsh advfirewall firewall set rule group="remote desktop connection" new enable=No
Reset Windows Firewall:
If you want to reset all manual settings that are misconfigured on Windows Firewall, you can use your command prompt. To restore the default settings, use the command below:
netsh advfirewall reset
Export/ Import Firewall Configuration:
If you have fully configured your firewall with the required settings, it's a good idea to export the current configuration to a file so that you can restore the original configuration whenever required. To export the current settings and import them again later, use the commands below:
netsh advfirewall export "C:\temp\WFconfiguration.wfw"
netsh advfirewall import "C:\temp\WFconfiguration.wfw"
In this article, we learned how to disable Windows Firewall using the command prompt. First of all, we learned how to disable or enable Windows Firewall. We also learned how to check the status of the Windows Firewall. Finally, we came to know some important commands of the netsh utility to manage Windows Firewall efficiently.