After you install Windows XP SP2, client applications may not successfully receive data from a server. Following are some examples:

Multimedia streaming software

New mail notifications in some e-mail programs

Alternatively, server applications that are running on a Windows XP SP2-based computer may not respond to client requests. Following are some examples:

A Web server such as Internet Information Services (IIS)

The next section explains how to use this dialog box as one of the methods to enable programs.

To work correctly, some programs and games must receive information over the network. The information enters your computer through an inbound port. For Windows Firewall to permit this information to enter, the correct inbound port must be open on your computer. To enable a program to communicate like it did before Windows XP SP2 was installed, and to enable programs that you want to run, use one of the following methods.

In the Security Alert dialog box, click Unblock this program.

If you do not click Unblock the program in the Security Alert dialog box, the program continues to be blocked. To enable a program by using Windows Firewall, follow these steps:

Click Start, click Run, type wscui.cpl in the Open box, and then click OK.

Click Windows Firewall.

In the Windows Firewall dialog box, click the Exceptions tab, and then click Add Program.

In the Add a Program dialog box, either select the program from the list that appears, or click Browse to locate your program.

If you cannot locate your program, see the next section.

After you select your program, click OK.

On the Exceptions tab, make sure that the check box next to your program is selected, and then click OK.

Note If you later decide that you do not want the program to be an exception, clear this check box.

Adding a program to the list of exceptions has the following advantages:

You do not have to know a specific port number. (By contrast, when you want to open a port, you have to know the number of the port that is used by the program. This is described later.)

The port that is used by the program that is on the list of exceptions will be open only when the program is waiting to receive a connection.

If your program still does not seem to work after you add the program to the list of exceptions, or if you cannot locate the program in step 4 of the previous section, you can open a port manually. Before you can add a port or ports manually, you have to identify the ports that are used by the program. A reliable method for identifying the ports that are used by the program is to contact the vendor. If you cannot do this, or if a list of ports that are used by the program is not available, you can use Netstat.exe to identify the ports that are used by the program.

To use Netstate.exe to identify the ports that are used by a program, follow these steps:

Start the program in question and try to use its network features. For a multimedia program, try to start an audio stream. For a Web server, start the service.

Click Start, click Run, type cmd in the Open box, and then click OK.

Obtain a list of all listening ports. To do this, type the following at a command prompt, and then press ENTER:

Obtain the process identifiers for the processes that are running. Type the following command at the command prompt, and then press ENTER:

Note If the program in question is running as a service, add the /svc switch to list the services that are loaded in each process:

Open Tasklist.txt and locate the program that you are troubleshooting. Note the process identifier for the process.

Open Netstat.txt and note any entries that are associated with that process identifier. Also note the protocol that is used (TCP or UDP).

The number of ports that the process uses may affect how this issue is resolved:

If the process uses more than 1024 ports, the number of ports probably will not change.

If the process uses less than 1024 ports, the program may be using a range of ports. Therefore, opening individual ports may not reliably resolve the issue.

If you cannot identify the ports that are used by the program, you can open a port manually. To identify the specific port number to open, contact the product vendor or see the product user documentation. After you identify the port number that you want to open, follow these steps:

Click Start, click Run, type wscui.cpl in the Open box, and then click OK.

Click Windows Firewall.

On the Exceptions tab, click Add Port.

In the Add a Port dialog box, type the number of the port that you want to open in the Port number box, and then click either TCP or UDP.

Type a name for the port, and then click OK. For example, type GamePort.

To view or set the scope for the port exception, click Change Scope, and then click OK.

On the Exceptions tab, notice that the new service is listed. To enable the port, click to select the check box next to the service, and then click OK

For additional information about configuring Windows Firewall, click the following article number to view the article in the Microsoft Knowledge Base:

The following lists the programs and games that may require you to open the port or ports manually so that the programs can work correctly.

Program	Vendor	Ports	Default exception	Notes
Visual Studio .NET	Microsoft	See the documentation	See the documentation	Needed only for Remote DCOM debugging
SQL	Microsoft	Dynamically assigned ports for RPC and DCOM		Needed only for remote debugging
Backup Exec 9	Veritas	10000	C:\Program Files\Veritas\Backup Exec\RANT32\beremote.exe	Needed only to back up a client from a server
Ghost Server Corporate Edition 7.5	Symantec	139-TCP-NetBIOS Session Service; 445-TCP-SMB over TCP; 137-UDP-NetBIOS Name Service; 138-UDP-NetBIOS Datagram Service	See the documentation	Needed to push down a ghost client
Symantec AntiVirus Corporate Edition 8.0	Symantec	File and Printer Sharing	Checking the “Allow file and printer sharing” check box opens these ports: UDP 137, 138; TCP 139, 445.	Needed to install client
SMS 2003 Server	Microsoft	Enable File and Printer Sharing ports	See the documentation	Needed to view Windows XP SP2 Client Event Viewer
Cute FTP 5.0 XP	GlobalSCAPE	21 or FTP server	See the documentation	Needed to FTP in to a Windows XP SP2-based computer
Exceed 7.0, 8.0	Hummingbird	21 or FTP server	See the documentation	Needed so that FTP for Windows Explorer can connect to remote computers
KEA! 340 5.1	Attachmate	23 or 'Telnet server'	See the documentation	Needed to establish Telnet session to remote host
WRQ Reflection X 10 and 11	WRQ	23 or 'Telnet server'	See the documentation	Needed to establish Telnet session to remote host
Reflection for IBM 9, 9.03, 10 and Reflection X 10 and 11	WRQ	21 or FTP server	See the documentation	Needed so that FTP client can connect to remote computers
Smarterm Office 10 and Smarterm 11	Esker Software	23 or 'Telnet server'	See the documentation	Needed to establish Telnet session to remote host
Smarterm Office 10 and Smarterm 11	Esker Software	21 or FTP server	See the documentation	Needed so that the FTP tool can connect to remote computers
ViewNow 1.05	Netmanage	FTP server or 21	See the documentation	Needed so that FTP tool can connect to remote computers
ViewNow 1.0 and 1.05	Netmanage	6000 (TCP/IP) and 177 (UDP)	See the documentation	Needed to establish X-Windows Sessions
ViewNow 1 or 1.05	Netmanage	Telnet Server or 23	See the documentation	Needed to establish Telnet session to remote host
Microsoft Operations Manager 2000 SP1	Microsoft	Enable ICMP echo request, File and Printer Sharing and UDP	See the documentation	Needed to push MOM Agent onto a Windows XP SP2-based client that has Windows Firewall enabled
AutoCAD 2000, 2002, 2004	Autodesk	21	See the documentation	Needed to browse projects using FTP viewer (File Open dialog) when remote FTP host has Windows Firewall enabled.
Backup Exec 9.1.4691	Veritas	See the documentation	%Program Files%\Veritas\Backup Exec\RANT\beremote.exe	Needed to back up Windows XP SP2-based client
Windows Scanner and Camera Wizard	Xerox Network Scanners	21	See the documentation	Needed so that the Scanner and Camera Wizard starts and the scanned images are available for the user to access.
Symantec Corporate AntiVirus 9.0	Symantec	See the documentation	See the documentation	Needed so that while pushing anti virus Definition to clients, the client computer will accept the updates and can be scanned.
ColdFusion MX Server Edition 6	Macromedia	TCP (by default, 8500)	See the documentation	Needed to allow remote access as Web server
CA ARCserve	Computer Associates	137-UDP-NetBIOS Name Service; 138-UDP-NetBIOS Datagram Service; 139-TCP-NetBIOS Session Service; 704-UDP; 1478-UDP-MS-sna-base; 1900-UDP-SSDP; 6050-TCP-ARCserve Service; 6051-TCP-ARCserve Service	See the documentation	Needed for remote installs, licensing, and client communications
EDM File System Agent 4.0	EMC	3895	See the documentation	Needed to install EDM client from server to Windows XP SP2
Microsoft Systems Management Server 2003	Microsoft	TCP:2701	%WINDIR%\System32\CCM\CLICOMP\RemCtrl\Wuser32.exe	Needed so that Remote Tool can remote control a Windows XP SP2-based client computer
Aelita ERdisk for Active Directory 6.7	Quest Software	See the documentation	File and Printer Sharing	Needed to contact a remote computer
Hummingbird Host Explorer 8	Hummingbird	23 TCP and 21 TCP	See the documentation	Needed to Telnet in to a Windows XP SP2-based client
BV-Admin Mobile	Bind View	See the documentation	File and Printer Sharing	Needed to contact a remote computer
SQL 2000a	Microsoft	1433 and 1434	See the documentation	Needed to connect to remote computer
Backup Exec 8.6.1				Needed so that the server can push remote agent to a Windows XP SP2-based client
Microsoft SNA 4.0 SP3	Microsoft	See documentation	File and Printer Sharing	Needed to see a Windows XP SP2-based client
Extra! Personal Client 6.5 and 6.7	Attachmate	Telnet Server or port 23	See the documentation	Needed to establish Telnet session to remote host
Extra! Enterprise 2000	Attachmate	Telnet Server or port 23	See the documentation	Needed to establish Telnet session to remote host
Extra! Bundle for TCP/IP 6.6	Attachmate	Telnet Server or port 23	See the documentation	Needed to establish Telnet session to remote host
Volume Manager 3.1	Veritas	2148	c:\Progam Files\Veritas\Veritas Object Bus\Bin\vxsvc.exe	Needed to connect to a Windows XP SP2-based client
BMC Patrol for Windows 2000	BMC Software	On the Windows XP SP2-based (client) computer: TCP ports 3181, 10128 and 25; UDP ports 3181, 10128 and 25	\\<Server Name>\BMC Software\Patrol 3-4\Best1\6.5.00\bgs\bin\Best1CollectGroup.exe	Needed to allow connection of server to client computer. Make sure that you have shared the BMC Patrol file on the server before you try to move to the default exception path on the client.
eTrust 6.0.100	Computer Associates	File and Printer Sharing ports and ICMP echo request and port TCP 42510	See the documentation	Needed to remote install to Windows XP SP2
NetShield 4.5	McAfee Security	See the documentation	File and Printer sharing	Needed to Remote Connect to a Windows XP SP2-based client
Computer Associates eTrust 7.0	Computer Associates	Add the File and Printer Sharing ports and ICMP echo request	See the documentation	Needed so that a Windows Server 2003 eTrust 7.0 server can remotely test logon to a Windows XP SP2-based client
Computer Associates eTrust 7.0				Needed so that a Windows Server 2003 eTrust 7.0 server can remotely install the client eTrust software on Windows XP SP2-based computers. Resolved by setting the following to 0 and then rebooting: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\RPC\RestrictRemoteClients (DWORD value)

Game	Vendor	Ports	Default exception
Chess Advantage III: Lego Chess	Encore	See the documentation	See the documentation
Need for Speed Hot Pursuit 2	EA Games	See the documentation	See the documentation
Unreal Tournament 2003	Atari	See the documentation	See the documentation
Unreal Tournament Game of the Year Edition	Atari	See the documentation	See the documentation
Midnight Outlaw: Illegal Street Drag 1.0	VALUSoft	See the documentation	Defwatch.exe
Scrabble 3.0	Atari	See the documentation	See the documentation
Star Trek StarFleet Command III 1.0	Activision	See the documentation	See the documentation

Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products. For information about how to contact any of the vendors that are listed in one of the following articles, click the appropriate article number in the following list to view the article in the Microsoft Knowledge Base:

Last Reviewed:	8/4/2004 (2.0)
Keywords:	kbhowto kbprb kbConfig kbSecurity kbAppCompatibility kbFirewall kbinfo KB842242

AMSS COMMUNITY HUB

James K. Murray (MCSA, MCSD)
President
A. M. Software Services, Inc.
347.247.6680
JamesMurray@AMSoftwareServices.com
http://www.amsoftwareservices.net

A. M. Software Services, Inc. - Knowledge Base

Some Programs Seem to Stop Working After You Install Windows XP Service Pack 2

SUMMARY

INTRODUCTION

Windows Firewall Security Alert

Enabling programs

Enable programs by using the Security Alert dialog box

Enable programs by using Windows Firewall

Identifying and opening ports

Identify ports by using Netstat.exe

Open ports manually by using Windows Firewall

Programs that may require you to open ports manually

Programs

Games

The information in this article applies to: