Compaq Presario CQ5810 Desktop PC support
Using Windows 7 Firewall
This document applies to HP and Compaq computers using Windows 7.
Learn about Windows 7 Internet Connection Firewall.
NOTE:Many HP and Compaq computers also come with Norton Internet Security software. This article applies only to the firewall that is part of the Windows operating system. For more information about Norton Personal Firewall, see Using Norton Internet Security 2010 (Windows 7) .
What is a firewall?
A firewall is a software program or hardware device that controls the flow of network content to and from the computer. A firewall is typically used to reduce or prevent unwanted malicious Internet traffic to an IP address (the address of the computer on the network) by blocking the ports that network traffic uses.
Activating or deactivating Windows Firewall
Use the following steps to turn Windows Firewall on or off:
- To turn on Windows firewall, click Start, click Control Panel, click System and Security, and then click Windows Firewall.
- The Windows Firewall page displays the current firewall settings. To turn on the firewall, click Turn Windows Firewall on or off.
- Click Continue in the User Account Control window.
- Select Turn on Windows Firewall to turn on the Windows Firewall to modify the firewall settings for each type of notwork location that you use. Then click OK.
Allowing programs through the firewall
If server software is in use while the firewall is also being used, Internet traffic must be able to access these servers through the firewall. Perform the following steps to open the firewall for server software:
- To allow services through the firewall, click Start, click Control Panel, click Security, and then click Allow a program through Windows Firewall.
- Click Continue in the User Account Control window.The Windows Firewall Allowed Programs display.
- Click Change Settings. Then click Allow another program.
- Select the program you want to add, or click Browse to find one that is not listed.
- Click Add when done.
Controlling flow of Internet Control Messaging Protocol (ICMP)
Certain messages can be received by a computer from another computer on the Internet. By default, the Windows firewall software prevents a response from being sent to these messages. However, you can enable ICMP messaging to permit the computer to answer ICMP requests.
For example, to allow the computer to receive Ping requests for troubleshooting, set up a new rule to allow ICMP Echo requests. Since this can leave your computer vulnerable to the types of attacks that use ICMP Echo messages, when you are done troubleshooting, you should disable the rule.
Perform the following steps to allow the HP or Compaq computer to respond to Internet Control Message Protocol (ICMP) messages:
- Click Start, and then click Control Panel.
- Click System and Maintenance, and then scroll down and click Administrative Tools.
- Double-click Windows Firewall with Advanced Security, and then click Continue on the User Account Control message.Windows Firewall with Advanced Security opens.
- In the left pane, click Inbound Rules. In the Actions pane on the right, click New Rule.
- On the Rule Type page, click Custom, and then click Next.
- On the Program page, click All programs, and then click Next.
- On the Protocol and Ports page, in the Protocol type box, select ICMPv4.Then click the Customize button.
- On the Customize ICMP Settings page, click Specific ICMP types. Then select the specific ICMP type to allow, such as the Echo Request. Click OK and then click Next.See the following table for more information about the listed items.
ICMP message Function of message Packet too big This is a message that indicates the IP packet is too big and must be fragmented before it can be sent to the next link in the transmission. Destination unreachable The response when this computer cannot resolve a connection for a packet of information. Source quench When unable to keep up with the speed of data being transferred, this message is sent back to the sender until the proper speed is attained. Redirect This is a message that is sent back by another network device (usually a router) that tells the computer a better, more efficient path to the requested IP address exists. Allowing this ICMP should allow for better network transmission rates. Echo request This is the ping command. This is used to retrieve the validity of an IP address and determine how long it takes to send and receive data. Network gaming servers often use this command in one form or another. Router advertisement Request for routes used by this computer to aid in routing to neighboring network devices on the same subnet. Router Solicitation Router discovery/selection/solicitation to aid neighboring network devices on the same subnet. Time exceeded This is the return message telling the sending computer that it is taking too long to reassemble a packet. Parameter problem This is a bad header response message. Timestamp request This request is for synchronizing computers over the network. Address mask request Request for the subnet mask information that is being used on the local network when a computer is being turned on.
- On the Scope page, click the Any IP address setting for both local and remote IP addresses. Then click Next.
- On the Action Page, click Allow the connection, and then click Next.
- On the Profile page, select the profiles for which the rule applies such as Domain, Private, and Public. Then click Next.
- On the Name page, type a name (required) and description (optional) for the rule. Then click Finish to return to the inbound rules.
- In the Inbound Rules, verify that the rule is enabled.
Windows Firewall troubleshooting
This section addresses the following symptoms:
- Windows firewall cannot be turned on or off in Security Center.
- Firewall status is not updated in Security Center
- Firewall turns off every time the computer restarts.
To resolve most issues with Windows firewall, reset the firewall using the following steps:
- Click Start, and type command prompt in the Search box.
- In the search results, right-click Command Prompt, and click Run as administrator.
- Click Continue on the User Account Control message.
- In the command prompt window, type netsh advfirewall reset, and press Enter.This resets the firewall configuration.