Configuring Windows Firewall to Allow Access to FFL Tools

If you are running FFL Tools on one computer and 4473 Client on another computer, and Windows Firewall is turned on for the computer that is running FFL Tools, the 4473 Client can not find the database.  There are two solutions to this problem.

  1. Turn off Windows Firewall (not suggested as it my leave your system vulnerable to attacks)
  2. Configure Windows Firewall to allow 4473 Client access to FFL Tools' database.  Below are the steps to configure the Windows Firewall

There are two ways to access Windows Firewall to modify its configuration. The first is by using the Standard Interface, which is accessed through Control Panel / Windows Firewall. Windows XP and Windows Server 2003 use only the Standard Interface. The second is by using Windows Firewall with Advanced Security, which is accessed through Control Panel / Windows Firewall / Advanced Settings or through Control Panel / Administrative Tools / Windows Firewall with Advanced Security. Note: When creating the application exceptions on a 64-bit Windows Operating System, the application path may use the Program Files (x86) directory instead of Program Files. This would occur if the SQL instance is 32-bit instead of 64-bit.
Four exceptions must be configured in Windows Firewall to allow access to SQL Server:

  1. A port exception for TCP Port 1433.
  2. A port exception for UDP Port 1434.
  3. A program exception for sqlservr.exe
  4. A program exception for sqlbrowser.exe

ATF Form 4473 (5300.9)

Open Control Panel and then open Windows Firewall.  Verify that the firewall is turned on and that Don't allow exceptions is not marked.

Click on the Exceptions tab and click the Add Port button.  Enter the name "SQL Server for (port)  FFL Tools", port number 1433 and select TCP below.  Then click OK to save the port exception.

Click Add Port again and enter "SQL Server Browser (port) for FFL Tools" , port number 1434 and select UDP below.  Then click OK to save the port exception.

Click Add Program and then Browse to select sqlservr.exe at this location: [C:\Program Files\Microsoft SQL Server\MSSQL10_50.FFLTOOLS\MSSQL\Binn\sqlservr.exe].

Click Add Program again and then Browse to select sqlbrowser.exe at this location: [C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe].  If you're working on a 64-bit computer, the sqlbrowser.exe will be in C:\Program Files (x86).

For Windows Firewall with Advanced Security:

Open Control Panel and then open Windows Firewall.  Click Advanced settings on the left side of the Windows Firewall window to open Windows Firewall with Advanced Security.

Click Inbound Rules on the left side of the window and then New Rule on the right side.

In the New Inbound Rule Wizard dialog, use the following information to create a port exception:

Click New Rule again and use the following information to create another port exception:

Click New Rule again and use the following information to create a program exception:

Click New Rule again and use the following information to create another program exception:

Note: Instructions are given for setting up an Inbound firewall rule. You will need to do this as well for Outbound rules.
Note: After configuring the Windows Firewall, you will have to restart the Firewall or restart the computer for the new rules to take effect.