Home » How To » How To Allow a Program Through Firewall in Windows 10 & 11

How To Allow an App (Program) Through Windows Firewall (10/11)

By / How To

Want to exclude or create an exception for a program in Windows Firewall? Here is how to allow a program through the firewall in Windows 10 & 11.

In Windows 10 and Windows 11, Windows Firewall is your first line of defence against network threats. By default, it manages all network traffic and automatically blocks unrequested inbound connections. Generally, most users never need to worry about the firewall rules or their configuration. However, Windows Firewall can be a bit too aggressive and block legitimate connections. For example, it might block multiplayer games, media servers, or local pinging attempts.

In those cases, rather than disabling Windows Firewall completely, you can exclude that specific program in Windows Firewall using custom firewall rules. That way, you can allow an app through the firewall in Windows 11 and 10. In this guide, I will show you how to do it using the Windows Firewall tool and a simple PowerShell command. Let’s get started.

Before You Start

  • Administrator rights are required to create new rules to allow a program through the firewall.
  • The steps below are tested to work in Windows 11 and Windows 10.

Allow an App Through Windows Firewall Using PowerShell Command

  1. Right-click on the Start button on the taskbar.
  2. Select “Terminal (Admin)” or “Windows PowerShell (Admin)“.
  3. Run the following command while replacing the example program path with the actual path of the app you want to exclude.
    New-NetFirewallRule -DisplayName "My App Exclusion" -Direction Inbound -Program "C:\Path\To\App.exe" -Action Allow
  4. With that, the PowerShell command creates a custom rule to allow that specific access throughout Windows Firewall.

Steps to Allow an App Through Windows Firewall

To add an exception to the firewall and allow a program through the firewall, we have to create a custom inbound rule via Advanced Settings. Here is how to do it.

  1. Click the Start button on the taskbar to open the Start menu.
  2. Search and open “Windows Defender Firewall with Advanced Settings“.
  3. Select the “Inbound rules” option on the sidebar.
  4. Click “New Rules” on the right panel.
  5. Select “Custom” and click “Next“.
  6. Select “This program path” and click “Next“.
  7. Click “Browse“.
  8. Select the app’s .exe file you want to exclude from the firewall, then click “Open“.
  9. Click “Next“.
  10. Select “Any” from the Protocol dropdown menu and click “Next“.
  11. Make sure “Any IP address” is selected in both sections and click “Next“.
  12. Select “Allow this connection” and click “Next“.
  13. Select all three profiles (Domain, Public, and Private) and click “Next“.
  14. Type a name in the “Name” field and click “Finish“.
  15. With that, you’ve configured Windows Firewall to allow that specific app.

Detailed Steps (With Screenshots)

Press the Start button on your keyboard to open the Start menu. Next, search for “Windows Defender Firewall with Advanced Security” and open it.

open Windows firewall

We need to create a new inbound rule to allow a program through the firewall. To do that, select the “Inbound Rules” option on the left sidebar and then click on the “New Rule” option on the right sidebar.

create new rule

In the rule creation wizard, select the “Custom” option. This option allows you to create a custom rule with more refined controls.

select custom option to allow program through firewall

Since we want to allow a program through the firewall, we need to tell the firewall which program it is. To do that, select the “This program path” option and then click the “Browse” button.

select this program path option

Now, find the exe file of the program you want to allow through the firewall, select it, and click the “Open” button.

select the exe file

Click “Next” to continue.

confirm the exe file

Select the “Any” option from the “Protocol Type” dropdown menu and click the “Next” button. This ensures the allowed program can communicate in any supported protocol type on any port of its choosing. If you only need a specific protocol or port, you can select it on this screen. For example, to allow pings in Windows Firewall, select the “ICMPv4 Echo Requests” option.

select any protocol type

We want to allow the program to connect to any IP address. So, let the default options be and click “Next“. If you wish to restrict the app’s communication to specific IPs, select the “These IP Addresses” option and add them in the blank fields.

select any IP address

Select the “Allow this connection” and click “Next“.

select allow this connection to allow a program through firewall

Select all three profiles. i.e., Domain, Private, and Public options, and click the “Next” button.

select all profiles

For the final step, name the rule and click the “Finish” button. This name will appear in the rules list. So, make sure the name is descriptive enough.

name the new custom firewall rule to add exception

That is it. You are done. From now on, the program you added to the firewall is allowed through Windows Firewall.

Explicit Deny Rules Take Precedence Over Allow Rules

One thing to keep in mind when configuring firewall rules is that an explicit deny rule takes precedence over an allow rule. That means the target program cannot go through the firewall even when you create the allow rule. In that case, you have to disable the deny rule first.

That is all. It is that simple to allow an app through Windows Firewall in Windows 11 and Windows 10. If you have any questions or need help, comment below.

Leave a Comment

Your email address will not be published. Required fields are marked *