After using Windows Firewall for a long time, it may stop working properly. Especially if you have changed its more advanced settings or made a lot of changes. It becomes difficult to pinpoint the root problem for network connectivity issues. The only thing that works is to reset Windows Firewall to its default settings so that it deletes all the rules that were created and you can start setting it up again from scratch. Here are four different ways to do this reset.
NOTE. This guide only works if you are using a user account with administrator rights. It covers Windows 10, Windows 7 and Windows 8.1. For each method, we mention the version of Windows it runs on. The native firewall is called Windows Defender Firewall in Windows 10, but in Windows 7 and Windows 8.1 it retains the old Windows Firewall name. For this article we are using screenshots from Windows 10.
A little theory about firewall operating modes
By default, the Windows firewall allows all outgoing connections unless they are explicitly denied. That is, they won’t be able to connect to us from the outside, but if some program has penetrated our machine (or we installed it voluntarily), it may well send whatever it wants, and no one will forbid it by default!
Profiling
On the “Profile” tab, select permissions for all profiles, that is, check all the boxes:
And on the “Name” tab we set a name for our profile (by analogy with sorting folders, I would recommend starting the name with the same letter, or better yet, with the same symbol, which will allow you to quickly find your rules in the list):
Now that you have made the rule (and if you have done it correctly) the browser should successfully connect to the Internet.
Using the same principle, you add rules, as I already said, for all applications that, in your opinion, need Internet access.
A little trick - to understand where the program's exe file actually is, right-click on the shortcut and select "Properties", where in the "Object" line the full path to the working file will be indicated, and in the "Working" line folder“, in fact, the working folder with the program is indicated.
Next, you should remember that there are different versions of the program for different bit depths, i.e. sometimes you need to allow access to both x86 (x32) and x64 versions of the program, depending on which one you use on the system (or if you use both of them).
“Complex” programs require many permissions, for example, Steam requires about 6-8 rules for fully working functionality (since they have one application responsible for the browser part, the second for launching the client, the third for broadcasts, the fourth for store, fifth for anything else):
- Steam\Steam.exe;
- Steam\bin\steamservice.exe;
- Steam\bin\x86launcher.exe;
- Steam\bin\x64launcher.exe;
- Steam\bin\steam_monitor.exe;
- Steam\bin\GameOverlayUI.exe;
- Etc.
This occurs in a fairly large number of programs, that is, if you seem to have given access to one, the main exe file, but it (the application) still complains about the lack of Internet, then you should look for other exe files in the folder with the program and set permissions for them until all the necessary functionality works properly.
Setting up an antivirus
If problems arise, one of the best options is to go to the antivirus website or contact the product’s technical support, they will tell you exactly the correct program settings.
An antivirus should not block working programs - like Google Chrome or Skype, but should check them while working.
Safe antivirus settings should include:
- web crawling;
- checking files downloaded from the Internet;
- blocking dangerous sites and interrupting connections with suspicious connections;
- scanning browser scripts;
- alerts about dangerous files and suspicious sites.
Update
The antivirus update must be current, either with the release of new versions, or monthly automatically.
Setting up an Internet connection
To check whether your computer's IPv4 settings match those stated by your provider, you need to do the following:
- go to Network and Sharing Management;
- then go to the Change adapter settings tab;
- in the connection context menu, open Status;
- there, click the Details button;
- check the IPv4 address and gateway, they must match those provided by the provider during registration.
Setting up a connection through a router occurs through the device’s web interface. The router sometimes comes with a settings disk, but you can do without it. For initial setup, it is best to connect the router directly to the laptop, and then to the Internet cable; connecting to the power supply is done last.
Next, follow the instructions:
- go to the web interface. To do this, open the browser and enter the IP address, which is in the device documentation or on the sticker, directly on the case.
It can be:- 192.168.0.1
192.168.1.1
- 192.168.2.1
- Enter your username and password to log in, they are also listed in the documentation. Usually this is admin-admin;
- in the Wireless menu, find the SSID item and enter the name of your future network;
- then, in the Security section of the same menu, create a network password, and in the Encryption item, select the most reliable WPA2-PSK;
- in the WAN connection section, select the one provided by your provider:
- If this is a PPPoE connection, you need to enter the network login and password; check with your provider if you need to fill out the IP address and network mask;
- With dynamic IP, no additional settings are needed;
- Static IP requires entering an IP address that cannot be changed;
- PPTP connection requires entering a login, password, subnet mask and IP gateway.
- do not forget to save the settings after each item.
If you don’t have enough time to wait for a specialist, you don’t want to spend money, and you feel like a confident PC user, then using various instructions and recommendations, you can try to set up an Internet connection yourself. Most likely, it will take two to three times more time and energy than contacting a specialist, but it will provide useful experience in the future.
First actions
What can block Internet access? There are a great many reasons, but most often this happens due to the work of security programs - firewall, antivirus.
Windows Firewall
This is a firewall built into the operating system. This is part of a software package to protect your computer from malicious intrusions. This is a kind of wall between information from the Internet and the PC.
However, it happens that this tool denies access even to trusted sites. To determine what exactly the Firewall is blocking the Internet, you need to disable it. If access is restored after this, then this is indeed the problem.
Antivirus
An antivirus program (antivirus) is a program for detecting viruses and malware. It also restores infected files and prevents infection of files and the operating system. Examples are Kaspersky antivirus, AVAST, ESET NOD32 and others.
To understand that the cause of the problem is precisely such a program, disable it and check whether Internet access is restored. Now let’s move on to specific actions to work with computer defenders. I will tell you what settings you need to make in order to never see the message: “Internet access is blocked. The connection may be blocked by a firewall or antivirus program."
Understanding rule priority for incoming rules
In many cases, the next step is for administrators to configure these profiles with rules (sometimes called filters) so they can work with user applications or other types of software. For example, an administrator or user can add a rule to host a program, open a port or protocol, or allow a predefined type of traffic.
This can be done by right-clicking Rules or Outbound Rules and selecting New Rule . The interface for adding a new rule looks like this:
Rice. 3. Rule Creation Wizard
Note
This article does not cover step-by-step rules configuration. For general guidance on creating a policy, see the Windows Firewall Advanced Security Deployment Guide.
In many cases, applications must allow certain types of incoming traffic to run on a network. Administrators should be aware of the following precedence rules when allowing these incoming exceptions.
- Explicitly defined allow rules will take precedence over the default block setting.
- Explicit blocking rules will take precedence over any conflicting admission rules.
- More specific rules will take precedence over less specific rules, except in the case of explicit blocking rules, as mentioned in 2. (For example, if Rule 1's parameters include a range of IP addresses, while Rule 2's parameters include a single IP address, the rule 2 will take precedence.)
Because of 1 and 2, it is important when designing a set of policies to ensure that there are no other explicit blocking rules that could accidentally overlap, thereby preventing the flow of traffic that you want to allow.
General security practice when creating inbound rules is to be as specific as possible. However, when new rules need to be introduced that use ports or IP addresses, sequential ranges or subnets should be used whenever possible rather than individual addresses or ports. This avoids having to build multiple filters under the hood, reduces complexity, and helps avoid performance degradation.
Note
Windows Defender Firewall does not support the traditional rule ordering assigned by your administrator. An effective set of policies with expected behavior can be created using the multiple, consistent, and logical rules described above.
Know how to use screens mode for active attacks
An important firewall feature used to reduce damage during an active attack is screens up mode. This is an informal term referring to a simple technique that a firewall administrator can use to temporarily improve security in the face of an active attack.
Protection can be achieved **** by checking to block all incoming connections, including the list of allowed application settings found in the Windows Settings application or the legacy firewall.cpl file.
Rice. 6. Windows Settings App/Windows Security/Firewall Protection/Network Type
Rice. 7. Outdated firewall.cpl
By default, Windows Defender Firewall is everything unless an exclusion rule is created. This option overrides exceptions.
For example, the Remote Desktop feature automatically creates firewall rules when the feature is enabled. However, if you actively use multiple ports and services per host, instead of disabling individual rules, you can use screens mode to block all incoming connections, overriding previous exceptions, including Remote Desktop rules. The Remote Desktop rules remain unchanged, but remote access will not work as long as the screen is activated.
Once the emergency has been restored, break down the option to restore regular network traffic.
Lock testing
The lock takes effect immediately after creation; you do not need to log out or restart your computer. Launch the Opera application and go to https://www.google.com to make sure it is blocked.
If you need to disable blocking, you will need to return to the Windows Firewall advanced settings interface, select the rule with the left button, then either disable or delete it. To do this, use the appropriate items in the right panel of the Firewall.
general information
Windows Defender Firewall (firewall, firewall) is a special application that filters all traffic that enters the computer. Filtering is carried out on the basis of special rules that are specified by the user or the program itself.
The main function of a firewall is to protect your computer from unauthorized access by third parties. Firewall can be installed separately as an auxiliary utility under user control.
The Windows operating system has its own firewall that filters traffic without the user's knowledge. In most cases, filtering is adequate, and a person does not experience any problems when using the Internet.
However, sometimes the firewall can go crazy, blocking access to the network. Why does the Firewall block the Internet:
- There is a large amount of outgoing traffic from your PC that looks like spam (usually this occurs when infected with spyware that uses computer resources to perform external actions without the user’s knowledge);
- Due to a serious software failure, which leads to inadequate operation of all stand-alone Windows OS programs (including firewall failure);
- When installing some antivirus programs (the algorithms of some antiviruses are very similar to virus activity, so the screen locks);
- After cleaning the computer from viruses (sometimes after cleaning the PC there are remnants of virus programs that do not pose a danger in themselves, but which the firewall filter does not allow);
- Downloading some updates, which leads to changes in protection settings (this scenario is quite rare in practice);
- After installing external programs that are potentially dangerous or spyware.
What should I do if my connection is blocked by Firewall or antivirus software? The following video is about this:
No network access in Windows 7
If, when connecting, you see “Unidentified network”, but all settings are in order, contact your provider first - this may be an internal error.
After reinstalling Windows, the Internet settings usually return to their original settings, so you need to install them again:
- create a new network connection, select “High-speed”;
- enter the username and password, connection name and save;
- go to the adapter parameters;
- select the required network connection and open the “Properties” item;
- in the list, select the item “Internet Protocol version 4”;
- click the “Properties” button;
- select “Obtain an IP address automatically” or “Use the following IP address” and enter the required data manually;
- save the data.
The problem may be caused by Windows protocol errors; to fix this, you need to reset the protocol settings.
It's pretty simple:
- run command line with administrator rights;
- enter and activate the command netsh int ip reset resetlog.txt;
- reboot the laptop.
Is the problem with the router or the laptop?
When WiFi connectivity issues occur, you need to determine where the problem is coming from. This could be a laptop, router or ISP. If all devices connect to the router and work normally with the Internet, the reason is in the laptop; if, on the contrary, you connect a network cable to the laptop and the Internet works, you need to configure the router. When all else fails, contact your provider's technical support.
The reason is the laptop
If the problem is in the laptop, but all of the above settings are in order, diagnose the system for viruses and device operation. There may be problems with the network driver or even malfunctions of the network card or connector itself.
Perhaps the WiFi point password does not match, for example, due to an incorrect layout or CapsLock.
The reason is the Wi-Fi router
If the settings are incorrect, the router can distribute WiFi without access to the network. Read on to learn how to properly configure your router.
One of the reasons for connecting without a network may be to protect the Wi-Fi network from unauthorized access by blocking it by MAC address. You can find out how to fix this problem on the router manufacturer’s website, or you can independently find the list of allowed or blocked addresses in the settings and add or remove the address of your laptop.
You can view the MAC address of your laptop by entering the Ipconfig / all command in the command line.
Also, the router has speed limit settings for each client, so you can either allow the maximum speed or limit it to a couple of kbsec.
Problems with Internet speed may be a signal for help from the router itself - perhaps you have not removed the factory film from it, it is covered with something or is overheating for other reasons. If you do not provide the device with normal ventilation, it will not last long and will be extremely ineffective.
Checking the Internet connection without a router
If you suspect the router is causing the problems, you need to connect the network cable to your laptop or computer to check. If the Internet does not work automatically, create a new cable connection, enter the login and password provided by the provider. You may need to enter additional protocol settings in the adapter properties.
Setting up Firewall in Windows OS
The main function of a firewall is to check data coming from the Internet and block those that cause concern. There are two modes: “white” and “black” list. White - block everything except what is allowed, black - allow everything except what is prohibited. Even after fully configuring the firewall, you still need to set permissions for new applications.
To find the firewall:
- go to the Control Panel and use the search;
- in the window that opens, you can change the protection settings for private and public networks;
If you already have an antivirus installed, disable the firewall as shown in this picture.
Blocking outgoing connections
The firewall and sometimes antivirus can completely block all outgoing connections.
To block outgoing connections with a firewall in white filter mode, you need to:
- go to the “advanced settings” of the firewall;
- open the “Properties” window;
- set “outgoing connections” to “block” mode in private and public profiles.
Application Rules
There is a special list of programs that are allowed to exchange data with the Internet, and if the one you need is blocked, you just need to configure permissions for it in this list. You can also set up notifications so that if a new application is blocked, you have the choice to leave everything as is and allow access to that program.
For example, you can block Internet access for Skype or Google Chrome, or vice versa, leave access only for a couple of specific work programs.
Video: Network without Internet access
Service Rules
To configure access for services:
- go to the advanced firewall settings;
- on the left select incoming or outgoing rules;
- On the right, select “Create a rule”;
- Select “Custom” from the list;
- enter the service name or select it from the list provided.
Newer versions of Windows, starting with Vista, provide the ability to select a service from a list without manually entering the service name. If there is no access to a computer on a Windows xp or Windows server network, you need to configure the access policy service; a detailed description can be found in the system help.
Activate the reserved rule
To activate a reserved rule, you need to repeat steps 1-3 from the previous section, then:
- select “Predefined”;
- mark the desired resolution, for example for “Remote Assistance”;
- select the desired rule from the list;
- specify the action for the specified conditions - allow the connection, allow a secure connection, or block.
Allow VPN connection
To set a special VPN connection permission, you need to repeat steps 1-3 again, then:
- select “For port”;
- specify the TCP or UDP protocol;
- choose to apply the rule to all or specific ports;
- check the desired box: allow connection, allow secure connection, block connection;
- select the profiles for which this rule should be applied - domain, private or public;
- Give the finished rule a name.
Network traffic is limited by the router: what to do?
Most modern routers also have a built-in firewall that can block network traffic (restrict connections to certain resources).
Setting up a Firewall on a router depends on its manufacturer and model. It is important to properly familiarize yourself with the web interface of your router. Find the settings tab and disable the firewall.
In conclusion, it is worth mentioning that there are many software products that have their own network and firewalls (as well as Firewall with different functionality and settings) such as AP Continent.
Such programs are very specific and highly specialized, and the chance of “stumbling upon” them on the Internet is small, therefore the main protection of the user from all kinds of network restrictions and blockings is the foresight and attentiveness of the user himself.
- Author: admin
Rate this article: (8 votes, average: 4 out of 5)