port assignment on windows 7

Plugable Help Center

Plugable Knowledge Base

Search Results for " "

Not finding what you're looking for.

• Serial Adapter
• How to change the COM port for a ...

How to change the COM port for a USB Serial adapter on Windows 7, 8, 8.1, and 10

Originally authored by: Bernie Thompson, July 4, 2011

Start by going to the Device Manager. Once there do the following: Expand the Ports ‘(COM& LPT)’

You should be looking at something like this:

As you can see Windows has set the port to COM10. However many legacy applications expect the port to be between 1-4. Let’s change that:Right click on the device and click on ‘Properties’.

Click on ‘Port Settings’. Then click on ‘Advanced…’.

Once you’re in ‘Advanced Settings for COM10’ on the bottom you can see the ‘COM Port Number: COM10’. Click on that to change it to the lowest possible number (between 1-4).

Then click ‘OK’ on all open Property Windows. Now the device should look like this:

  Windows OS Hub / Windows 10 / How to Clean Up or Reset COM Port Numbers in Windows

How to Clean Up or Reset COM Port Numbers in Windows

A number of legacy applications are able to address only two-digit COM port numbers, and won’t work with COM100 and higher. In the worst cases, these programs work only with COM1-COM9 ports. What if a device has got a higher COM port number?  Is it possible to reset the numbering for reserved COM ports and delete assigned ports?

How to Change a COM Port Number for a Device in Windows?

Find out which process is using a serial com port in windows, resetting com port numbers in windows registry.

In Windows, you can manually change the COM port number assigned to a device. Suppose the necessary COM port is already busy, and you want to try to free it.

• Open the Device Manager by running the devmgmt.msc command;

• Then expand Ports (COM & LPT) and find your device in the list;
• Go to the Port Settings tab and click the Advanced button;
• The current COM port number assigned to the device can be found in the COM Port Number field;

But more often you cannot change the assigned COM port number to another one in the hardware properties, since all the “lower” COM ports are already in use.In this case, you need to try to remove the COM port reservation

• Expand the Ports (COM & LPT) branch, find which COM port number you need is assigned to (a pale icon means that this COM port is assigned, but this device is not currently connected);

Get-WMIObject Win32_SerialPort | Select-Object Name,DeviceID,Description You can get the COM port number for a specific device by its name, for example:

Get-WMIObject Win32_SerialPort | Where-Object { $_.Name -like "*Arduino*"}|select name, deviceid or Get-WMIObject Win32_SerialPort | Where-Object { $_.Name -like "*GPS*"}|select name, deviceid

You won’t be able to release the COM port of a device that is used by Windows or a running program (process). First, you need to stop the process that is currently using the COM port. You can use the Process Explorer tool (by Sysinternals) to find out the name of the process using a particular COM port number ( https://docs.microsoft.com/en-gb/sysinternals/downloads/process-explorer ).

First, you need to display the name of the service that uses the COM port. Run the PowerShell command:

get-pnpdevice -class Ports -ea 0| Select Name, PNPDeviceID, Status, Service

The service name of the specific COM port is shown in the Service column. For example, for COM2 it is Serial . Now you need to run Process Explorer as an administrator and select Find -> Find Handle or DLL from the menu. In the Handle or DLL substring line, enter the Service value obtained earlier. In our example, this is Serial .

Process Explorer should show the process name that is currently using your COM port. To release the COM port, kill the process or program.

Information about the COM ports in use is stored in CommDB registry parameter under the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\COM Name Arbiter reg key.

• Unplug all external devices and restart your computer;
• After the reboot, connect the devices in the necessary order, reinstall USB-to-serial converters, etc. All detected COM port devices will be automatically detected by the system and assigned sequential COM port numbers.

You can also use the following free tools to clean up reserved COM ports:

• Device Cleanup Tool – the utility is used to search the registry for previously connected devices (under the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum ), remove unused devices, and clear COM port reservations.

Mailbox Size and Quotas in Exchange 2019/2016 and Microsoft 365

Can’t access shared folders or map network drives from windows 10 and 11, related reading, printing from linux to a windows shared printer, how to share usb scanner over network on..., automatic outlook user profile configuration with zeroconfigexchange, how to copy/paste to ms word without losing..., check windows 11 hardware readiness with powershell script.

Hi dear When I open Device Manager there is no branch of (COM & LPT) to expand. How can I Add or Find it?

thank you so much

thanks you so much , life saving post 🙂 , i mostly work with iot devices and sometime com ports get busy and am getting com port busy returns in code so this saved my life in flushing com port

Thank you for the post, very helpful

Leave a Comment Cancel Reply

Notify me of followup comments via e-mail. You can also subscribe without commenting.

Current ye@r *

Leave this field empty

• Stack Overflow Public questions & answers
• Stack Overflow for Teams Where developers & technologists share private knowledge with coworkers
• Talent Build your employer brand
• Advertising Reach developers & technologists worldwide
• Labs The future of collective knowledge sharing
• About the company

Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

Get early access and see previews of new features.

Assigning TCP/IP Ports for In-House Application Use

I've written a WCF Service hosted by a Windows Service and it needs to listen on a known TCP/IP port. From what range can I safely allocate a port for use within my organization? That port will be embedded in the config files for the service and the clients that are consuming the service.

• 1 Duplicate of stackoverflow.com/questions/10476987/… –  matt2000 Oct 21, 2014 at 12:30
• 2 This is a useful question, and other answerers make a good case that the "accepted" answer (by Jorge Ferreira) is incorrect or at least incomplete, as do the answers on the question of which this is a duplicate. Is it possible to "unaccept" that answer? –  Nat Kuhn Dec 17, 2017 at 15:33
• Possible duplicate of Best TCP port number range for internal applications –  Mohammad Sadegh Sep 6, 2018 at 5:36
• @MohammadSadegh - I don't think this question is a duplicate. I think it is an original . The other similar questions mentioned in the comments seem to have been asked after this question. matt2000 holds a position similar to yours but I disagree with him also. Best!!! –  Shawn Eary Jul 8, 2021 at 22:25

6 Answers 6

Ports 0-1023 are the Well Known Ports and are assigned by IANA. These should only be used for the assigned protocols on public networks.

Ports 1024-65535 used to be called Registered Port Numbers (see rfc1700 ) but are now split into two areas (see rfc6335 ).

Ports 1024-49151 are the User Ports and are the ones to use for your own protocols.

Ports 49152-65535 are the Dynamic ports and should not be prescribed to a protocol.

The User Ports can be used for any protocol, but there are a finite number, so your use will clash with someone elses use on some network somewhere. IANA keep a record of registered port numbers (0-49151). If your protocol will be used on public networks then you need to look into registering it with IANA. If you are only using it within your own network then pick a port within this area (1024-49151) and check that port against the IANA register to make sure it isn't used by a protocol that could be used on your network. For private use it is probably better to pick a number that is assigned to a protocol you know won't be used than to choose one that is unassigned and so may be assigned in the future.

Don't use a port number within the Dynamic range. These ports are assigned by the operating system, dynamically and somewhat randomly. If you open a client connection (using bind() with port=0) you will be assigned an unused port from the dynamic range. There is no way to guarantee that a port in this range will always be free for your protocol.

• Exactly. If you choose a port in the Dynamic range for you application, listening with WCF for example, there is no guarantee that the port is always free and not used by any other application, as Windows could always use this port for another applications opening an outgoing connection. –  David Oliván Mar 26, 2019 at 10:19
• Strictly in terms of the question that is being asked, this answer appears to be fundamentally wrong; the clue seeming to be the "assigned by IANA" comment (& "never assigned" hint at the right answer) within section # 6 of the RFC 6335 - < datatracker.ietf.org/doc/html/rfc6335#section-6 > - at least for ports that have not been submitted to/agreed as being accepted/'assigned' by IANA. –  DennisVM-D2i Apr 7, 2023 at 11:24

Pick a port number from 49152 through 65535.

IANA publishes a list of currently assigned ports.

http://www.iana.org/assignments/port-numbers

The Dynamic and/or Private Ports are those from 49152 through 65535. This is the range from where you SHOULD pick a port for your in-house applications. Of course any port belonging to one of the unassigned ranges on the published list can be used. But be aware that by picking a port number from those unassigned ranges there is no guarantee whatsoever that the port you choose will not be a reserved port in the future.

UNASSIGNED PORT NUMBERS SHOULD NOT BE USED. THE IANA WILL ASSIGN THE NUMBER FOR THE PORT AFTER YOUR APPLICATION HAS BEEN APPROVED.

And make sure that the port number you pick is configurable as you stated:

That port will be embedded in the config files for the service and the clients that are consuming the service.

This will avoid headaches in case some other 3rd party you-cannot-touch software is using your port number. If that happens you just go ahead and change it on the configuration file and it just works.

• 25 On the other hand, application software MUST NOT assume that a specific port number in the Dynamic Ports range will always be available for communication at all times, and a port number in that range hence MUST NOT be used as a service identifier. RFC 6335 –  Bolu Sep 22, 2014 at 10:39
• 14 Bolu is correct. Don't use a port number within the dynamic range . See my explanation elsewhere on this page. –  adrianwadey Jul 1, 2016 at 9:04
• 3 Not wise. As the system might choose to assign the port you are using at any given moment. So your server might look as it working only to fail on a latter loading. –  rxantos Sep 22, 2016 at 1:40
• 4 On the opposite, take a port already assigned to something you're sure won't ever get needed. For example, TCP 31457 is assigned to TetriNET, so it's a pretty sure bet (unless your business is multiplayer tetris). –  maaartinus Aug 20, 2018 at 18:17
• 4 So I don't quite understand why this is still the chosen answer... –  Leonmax Dec 21, 2019 at 21:31

Short answer: Avoid anything up to and including 1023, or over 49152, and test the chosen port against services on your network.

If you've taken the reasonable precautions that it appears you have (putting the port number in a config file), it shouldn't be an enormous disruption if you later discover a conflict.

But (so that I can add something to the other suggestions that have popped up while I've been typing) make sure that you make it easy to change! If it's in config files, make it obvious. Document it, and point it out in troubleshooting. It's the sort of thing that could go wrong, so make it easy to debug if it needs changing.

• 12 Wait, you're telling me to avoid ports above 49152, but the top answer says you should only pick ports 49152 and above. What? –  Camilo Martin Feb 1, 2016 at 22:45
• 5 @CamiloMartin See also adrianwadey's answer. The top answer is sound advice for peer-to-peer applications (e.g. BitTorrent), since they tend to use dynamic ports anyway, often with some kind of discovery service; not so much for client-server applications, which need a reasonably stable port number – even if the port number is stored in a config file, you need to reconfigure the server and its clients whenever it changes. –  JuSTMOnIcAjUSTmONiCAJusTMoNICa Jul 6, 2017 at 14:04

In addition to the other suggestions about picking a common application port, I'd suggest that you make the port configurable within your application. Hard-coded port numbers are a bad idea, particularly if you later find a port conflict with another application and need to change yours.

As a note remember to check those port by netstat /a /n to see if its using by other application or not. I find out vista used the 49152 .... for some application level reason. Basically, because most of the system level listener does not implement port sharing its much safe to use the those ports which are not used at all.

Here is a good list of common application ports . Make your own choice in an empty slot. Maybe you should also scan your network for any in-house special application.

Typically high numbers port are available and I would suggest them but they could be blocked by firewalls.

• 3 the link is broken. Please fix –  German Capuano Jun 16, 2017 at 14:16

Your Answer

Reminder: Answers generated by artificial intelligence tools are not allowed on Stack Overflow. Learn more

Sign up or log in

Post as a guest.

Required, but never shown

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy .

Not the answer you're looking for? Browse other questions tagged tcp or ask your own question .

• The Overflow Blog
• Introducing Staging Ground: The private space to get feedback on questions...
• Featured on Meta
• The 2024 Developer Survey Is Live
• The return of Staging Ground to Stack Overflow
• The [tax] tag is being burninated
• Policy: Generative AI (e.g., ChatGPT) is banned

Hot Network Questions

• Is it rational for heterosexuals to be proud that they were born heterosexual?
• Can I travel with my child to the UK if I am not the person named in their visitor's visa?
• Do we know how the SpaceX Starship stack handles engine shutdowns?
• What should I get paid for if I can't work due to circumstances outside of my control?
• Need intuition for dice betting problem
• ConnectFourFX.java - A Java FX GUI app for playing Connect Four against AI
• What terminal did David connect to his IMSAI 8080?
• StreamPlot does not give me the streamlines I ask for
• How might a physicist define 'mind' using concepts of physics?
• What role does CaCl2 play in a gelation medium?
• Why does SQL-Server Management Studio change "Execute Query" into "Save Results"?
• Have I ruined my AC by running it with the outside cover on?
• How to underline several empty lines
• Are your memories part of you?
• My players think they found a loophole that gives them infinite poison and XP. How can I add the proper challenges to slow them down?
• Simple explanation of what "preferential lattice expansion due to excessive magnesium adsorption", means
• A Fantasy story where a man appears to have been crushed on his wedding night by a statue on the finger of which he has put a wedding ring
• Could a 200m diameter asteroid be put into a graveyard orbit and not be noticed by people on the ground?
• Is this a valid PZN?
• NP-hardness of solving systems of *homogeneous* polynomial equations
• What scientific evidence there is that keeping cooked meat at room temperature is unsafe past two hours?
• Sci-Fi book about an Indian warrior on a mission in a post apocalyptic earth
• Why does the proposed Lunar Crater Radio Telescope suggest an optimal latitude of 20 degrees North?
• Why don't professors seem to use learning strategies like spaced repetition and note-taking?

• Select your search:
• Search Site
• Search Products

How to change asynchronous serial COM port assignments in Windows Device Manager

Sealevel recommends using the installed COM numbers if at all possible to avoid system conflicts. If you previously installed a USB or PCMCIA serial interface, it will have resources assigned by the operating system. If the device is not currently connected to your computer, these COM assignments will not be apparent and forcing new COM port assignments will create a conflict when the devices are reconnected at a later time.

One scenario where you would have to change the COM port assignments is when your legacy application only works at COM1 through COM4 and the Sealevel serial device you installed comes in at COM5 or higher. Another scenario might occur when you install a multiport serial card and the COM port numbers are not assigned consecutively and you want them to appear consecutive.

In Windows 7, Vista, XP or 2000 operating systems, you can change the COM number assignment using Windows Device Manager.  To change the COM port assignments in Device Manager, follow these basic steps:

1) Click the Start button.

2) Right-click on My Computer.

3) In the fly-out menu, click Manage.

4) In the Computer Management Window, click on Device Manager.

5) In the right-hand pane, expand the Ports (COM & LPT) listing by clicking the “+” symbol.

6) Right-click on the COM number you want to change and select Properties from the fly-out menu.

7) In the Communications Port Properties window, click the Port Settings tab and then click the Advanced button.

8) In the Advanced Settings window, you can select the new COM port number from the drop box (be careful not to select a COM number already in use).

9) Click the OK button to confirm your changes. If Windows detects a conflict, choose another COM port number.

10) Click the OK button to close the Communications Port Properties window.

11) When Device Manager refreshes the hardware list, the COM assignment will reflect your changes. To get Device Manager to refresh the window on Windows XP, you may need to click ‘Action’ in the menu and then click ‘Scan for hardware changes’ in the sub-menu (Note: If ‘Scan for hardware changes’ isn’t listed in the sub-menu, click on the computer name in the right pane and then repeat this step).

Contact our technical support department if you are still experiencing problems with serial COM port assignments.

• Computer Trends
• Design Insights
• Engineering for Industry
• Manufacturing Advances
• Sealevel Spirit
• Automation & Control
• Autonomous & Unmanned Systems
• Military & Aerospace
• Public Safety
• Smart Cities
• Transportation
• Accessories
• Digital & Analog I/O
• Embedded Computing
• Industrial IoT
• MIL-STD 1553
• USB Hubs & Isolators
• Quickstart Guides
• Media & Awards
• Product Announcements
• White Papers

Recent FAQs

• What is EtherNet/IP?
• What is Modbus?
• What Modbus functions are supported by Sealevel products?
• What is Modular Open Systems Approach (MOSA)?
• What network speeds can SeaI/O Ethernet (SeaI/O-E) modules handle?

Subscribe to our e-Newsletter

By continuing on this site, you agree to Sealevel’s Terms & Conditions and Privacy Policy Dismiss

Welcome to Sealevel!

We're glad you're here..

We would like to introduce you to the best international partner for all of your Sealevel needs.

Windows 7 & USB Serial Port assignment

In my test department I need to set a USB serial port as Com1 permanently.

The motherboard has a 9 pin serial port already assigned and I have moved that to Com2.

The problem is that when I attach a new serial device to the pc, windows assigns it as Com6.

I know I can go and manually change it to Com1 and it only takes 30 seconds or so to go through the steps required.

After I have changed the port, if I plug in a device that it has already seen and tested it remembers the connection over Com1.

As soon as I plug in a device that Windows hasn’t seen it defaults back to Com6.

However I have a 3,000 of these units that I need to test and the testing software only talks via Com1.

Does anyone know of a way to set a USB serial port to Com1 by default?

Thanks in advance

I haven’t had to do this for awhile, but I have successfully done it in the past. Firstly, to make sure that the USB controller didn’t try to see the device as a new device every time, I dedicated a USB specifically to the adapter by making a label over the port of COM2 ONLY (which I needed to use it as).

From there, with the adapter and device attached, I went into the advanced properties of the COM port in device manager, and changed the port assignment to what I needed. After making the change, I rebooted and on double checking, the assignments stayed as I had set them. Granted, I only had about ten systems to change so it wasn’t that bad. I also wasn’t swapping out devices on the port so for a testing lab you might be better suited in getting an internal com port, or a port replicator for a laptop, which will give you a static piece of hardware as opposed to relying on the USB controller to allocate the assignment.

For the short term, I’m sure it’s possible to find a way to do the reassignment through a batch file as well, but getting a hardware port may be your best choice.

Thanks for this. I have to use a USB adapter as the serial port on the piece of kit we are testing is a Micro USB connection.

Related Topics

This browser is no longer supported.

Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.

Service overview and network port requirements for Windows

• 12 contributors

This article discusses the required network ports, protocols, and services that are used by Microsoft client and server operating systems, server-based programs, and their subcomponents in the Microsoft Windows Server system. Administrators and support professionals may use this article as a roadmap to determine which ports and protocols Microsoft operating systems and programs require for network connectivity in a segmented network.

Original KB number:   832017

This article contains several references to the default dynamic port range. In Windows Server 2008 and later versions, and in Windows Vista and later versions, the default dynamic port range changed to the following range:

• Start port: 49152
• End port: 65535

Windows 2000, Windows XP, and Windows Server 2003 use the following dynamic port range:

• Start port: 1025
• End port: 5000

What this means for you:

• If your computer network environment uses only Windows Server 2012 or a later version of Windows, you must enable connectivity over the high port range of 49152 through 65535.
• If your computer network environment uses Windows Server 2012 together with versions of Windows earlier than Windows Server 2008 and Windows Vista, you must enable connectivity over both the following port ranges: High port range 49152 through 65535 Low port range 1025 through 5000

If your computer network environment uses only versions of Windows earlier than Windows Server 2008 and Windows Vista, you must enable connectivity over the low port range of 1025 through 5000.

For more information about the default dynamic port range, see The default dynamic port range for TCP/IP has changed .

Don't use the port information in this article to configure Windows Firewall. For information about how to configure Windows Firewall, see Windows Firewall with Advanced Security .

The Windows Server system includes a comprehensive and integrated infrastructure to meet the requirements of developers and information technology (IT) professionals. This system runs programs and solutions that you can use to obtain, analyze, and share information quickly and easily. These Microsoft client, server, and server program products use different network ports and protocols to communicate with client systems and with other server systems over the network. Dedicated firewalls, host-based firewalls, and Internet Protocol security (IPsec) filters are other important components that you must have to help secure your network. However, if these technologies are configured to block ports and protocols that are used by a specific server, that server will no longer respond to client requests.

The following list provides an overview of the information that this article contains:

The System services ports section:

• Contains a brief description of each service.
• Displays the logical name of each service.
• Indicates the ports and protocols that each service requires for correct operation.

Use this section to help identify the ports and protocols that a particular service uses.

The Ports and protocols section includes a table that summarizes the information from the System services ports section. The table is sorted by the port number instead of by the service name. Use this section to quickly determine which services listen on a particular port.

This article uses certain terms in specific ways. To help avoid confusion, make sure that you understand how the article uses these terms:

• System services: System services are programs that load automatically as part of an application's startup process or as part of the operating system startup process. System services support the different tasks that the operating system must perform. For example, some system services that are available on computers that run Windows Server 2003 Enterprise Edition include the Server service, the Print Spooler service, and the World Wide Web Publishing service. Each system service has a friendly service name and a service name . The friendly service name is the name that appears in graphical management tools such as the Services Microsoft Management Console (MMC) snap-in. The service name is the name that is used with command-line tools and with many scripting languages. Each system service may provide one or more network services.
• Application protocol: In this article, application protocol refers to a high-level network protocol that uses one or more TCP/IP protocols and ports. Examples of application protocols include HTTP, server message blocks (SMBs), and Simple Mail Transfer Protocol (SMTP).
• Protocol: TCP/IP protocols are standard formats for communicating between devices on a network. TCP/IP protocols operate at a lower level than the application protocols. The TCP/IP suite of protocols includes TCP, User Datagram Protocol (UDP), and Internet Control Message Protocol (ICMP).
• Port: It's the network port that the system service listens on for incoming network traffic.

This article doesn't specify which services rely on other services for network communication. For example, many services rely on the Remote Procedure Call (RPC) or DCOM features in Microsoft Windows to assign them dynamic TCP ports. The Remote Procedure Call service coordinates requests by other system services that use RPC or DCOM to communicate with client computers. Many other services rely on network basic input/output system (NetBIOS) or SMBs, protocols that are provided by the Server service. Other services rely on HTTP or on Hypertext Transfer Protocol Secure (HTTPS). These protocols are provided by Internet Information Services (IIS). A full discussion of the architecture of the Windows operating systems is beyond the scope of this article. However, detailed documentation on this subject is available on Microsoft TechNet and on the Microsoft Developer Network (MSDN) websites. Although many services may rely on a particular TCP or UDP port, only one service or process at a time can listen on that port.

When you use RPC with TCP/IP or with UDP/IP as the transport, incoming ports are frequently dynamically assigned to system services as required. TCP/IP and UDP/IP ports that are higher than port 1024 are used. These ports are also informally known as random RPC ports . In these cases, RPC clients rely on the RPC endpoint mapper to tell them which dynamic port or ports were assigned to the server. For some RPC-based services, you can configure a specific port instead of letting RPC dynamically assign a port. You can also restrict the range of ports that RPC dynamically assigns to a small range, regardless of the service. For more information about this topic, see the References section.

This article includes information about the system services roles and the server roles for the Microsoft products that are listed in the Applies to section. Although this information may also apply to Windows XP and to Microsoft Windows 2000 Professional, this article is focused on server-class operating systems. Therefore, this article describes the ports that a service listens on instead of the ports that client programs use to connect to a remote system.

System services ports

This section provides a description of each system service, includes the logical name that corresponds to the system service, and displays the ports and the protocols that each service requires.

Active Directory (local security authority)

Active Directory runs under the Lsass.exe process and includes the authentication and replication engines for Windows domain controllers. Domain controllers, client computers, and application servers require network connectivity to Active Directory over specific hard-coded ports. Additionally, unless a tunneling protocol is used to encapsulate traffic to Active Directory, a range of ephemeral TCP ports between 1024 to 5000 and 49152 to 65535 are required.

If your computer network environment uses only Windows Server 2008 R2, Windows Server 2008, Windows 7, Windows Vista or later versions, you must enable connectivity over the high port range of 49152 through 65535.

If your computer network environment uses Windows Server 2008 R2, Windows Server 2008, Windows 7, Windows Vista or later versions together with versions of Windows earlier than Windows Server 2008 and Windows Vista, you must enable connectivity over both port ranges: High port range of 49152 through 65535 Low port range of 1025 through 5000

An encapsulated solution might consist of a VPN gateway located behind a filtering router that uses Layer 2 Tunneling Protocol (L2TP) together with IPsec. In this encapsulated scenario, you must allow the following items through the router instead of opening all the ports and protocols listed in this topic:

• IPsec Encapsulating Security Protocol (ESP) (IP protocol 50)
• IPsec Network Address Translator Traversal NAT-T (UDP port 4500)
• IPsec Internet Security Association and Key Management Protocol (ISAKMP) (UDP port 500)

Finally, you can hard-code the port that is used for Active Directory replication by following the steps in Restricting Active Directory RPC traffic to a specific port . System service name: LSASS .

Packet filters for L2TP traffic are not required, because L2TP is protected by IPsec ESP.

¹ For more information about how to customize this port, see Domain controllers and Active Directory in the References section. This section also includes remote WMI and DCOM communications first used in Windows Server 2012 domain controller promotion during prerequisite validation and with the Server Manager tool.

In addition, the Microsoft LDAP client uses ICMP pings to verify that an LDAP server it has a pending request with is still present on the network. The following settings are LDAP session options:

• PingKeepAliveTimeout = 120 seconds (how long it waits after last response from server before it starts sending ping)
• PingLimit = 4 (how many pings are sent before connection is closed)
• PingWaitTimeout = 2000 ms (how long it waits for the ICMP response)
• Reference: LdapSessionOptions Class

Application Layer Gateway service

This subcomponent of the Internet Connection Sharing/Internet Connection Firewall (ICF) service provides support for plug-ins that allow network protocols to pass through the firewall and work behind Internet Connection Sharing. Application Layer Gateway (ALG) plug-ins can open ports and change data (such as ports and IP addresses) that are embedded in packets. FTP is the only network protocol that has a plug-in that is included with Windows Server. The ALG FTP plug-in supports active FTP sessions through the network address translation (NAT) engine that these components use. The ALG FTP plug-in supports these sessions by redirecting all traffic that meets the following criteria to a private listening port in the range of 3000 to 5000 on the loopback adapter:

• Passes through the NAT engine
• Is directed toward port 21

The ALG FTP plug-in then monitors and updates FTP control channel traffic so that the FTP plug-in can forward port mappings through the NAT for the FTP data channels. The FTP plug-in also updates ports in the FTP control channel stream.

System service name: ALG

ASP.NET State Service

ASP.NET State Service provides support for ASP.NET out-of-process session states. ASP.NET State Service stores session data out-of-process. The service uses sockets to communicate with ASP.NET that is running on a web server.

System service name: aspnet_state

Certificate Services

Certificate Services is part of the core operating system. By using Certificate Services, a business can act as its own certification authority (CA). It lets the business issue and manage digital certificates for programs and protocols such as:

• Secure/Multipurpose Internet Mail Extensions (S/MIME)
• Secure Sockets Layer (SSL)
• Encrypting File System (EFS)
• Smart card logon

Certificate Services relies on RPC and DCOM to communicate with clients by using random TCP ports that are higher than port 1024.

System service name: CertSvc

¹ For more information about how to customize this port, see Remote Procedure Calls and DCOM in the References section.

For more information, see 3.2.2.6.2.1.4.5.9 msPKI-Certificate-Name-Flag .

Cluster service

The Cluster service controls server cluster operations and manages the cluster database. A cluster is a collection of independent computers that act as a single computer. Managers, programmers, and users see the cluster as a single system. The software distributes data among the nodes of the cluster. If a node fails, other nodes provide the services and data that were formerly provided by the missing node. When a node is added or repaired, the cluster software migrates some data to that node.

System service name: ClusSvc

Additionally, for successful validation on Windows Failover Clusters on 2008 and above, allow inbound and outbound traffic for ICMP4, ICMP6, and port 445/TCP for SMB.

¹ Cluster Service UDP traffic over port 3343 requires the Datagram Transport Layer Security (DTLS) protocol, version 1.0 or version 1.2. By default, DTLS is enabled. For more information, see Protocols in TLS/SSL (Schannel SSP) .

² For more information about how to customize these ports, see Remote Procedure Calls and DCOM in the References section.

• Computer Browser

The Computer Browser system service maintains an up-to-date list of computers on your network and supplies the list to programs that request it. The Computer Browser service is used by Windows-based computers to view network domains and resources. Computers that are designated as browsers maintain browse lists that contain all shared resources that are used on the network. Earlier versions of Windows-based programs, such as My Network Places, the net view command, and Windows Explorer, all require browsing capability. For example, when you open My Network Places on a computer that is running Microsoft Windows 95, a list of domains and computers appears. To display this list, the computer obtains a copy of the browse list from a computer that is designated as a browser.

If you are running only Windows Vista and later versions of Windows, the browser service is no longer required.

System service name: Browser

The Browser service uses RPC over Named Pipes to compile.

Dynamic Host Configuration Protocol (DHCP) Server

The DHCP Server service uses the DHCP to automatically allocate IP addresses. You can use this service to adjust the advanced network settings of DHCP clients. For example, you can configure network settings such as Domain Name System (DNS) servers and Windows Internet Name Service (WINS) servers. You can establish one or more DHCP servers to maintain TCP/IP configuration information and to provide that information to client computers.

System service name: DHCPServer

• Distributed File System Namespaces

The Distributed File System Namespaces (DFSN) integrates different file shares that are located on a local area network (LAN) or wide area network (WAN) into a single logical namespace. The DFSN service is required for Active Directory domain controllers to advertise the SYSVOL shared folder.

System service name: Dfs

2 The NETBIOS ports are optional and are not required when DFSN is using FQDN Server names.

• Distributed File System Replication

The Distributed File System Replication (DFSR) service is a state-based, multi-master file replication engine that automatically copies updates to files and folders between computers that are participating in a common replication group. DFSR was added in Windows Server 2003 R2. You can configure DFSR by using the Dfsrdiag.exe command-line tool to replicate files on specific ports, regardless of whether they are participating in Distributed File System Namespaces (DFSN).

System service name: DFSR

¹ For more information about how to customize this port, see Distributed File Replication Service in the References section.

2 Port 5722 is only used on a Windows Server 2008 domain controller or on a Windows Server 2008 R2 domain controller. It is not used on a Windows Server 2012 domain controller.

• Distributed Link Tracking Server

The Distributed Link Tracking Server system service stores information so that files that are moved between volumes can be tracked to each volume in the domain. The Distributed Link Tracking Server service runs on each domain controller in a domain. This service enables the Distributed Link Tracking Client service to track linked documents that are moved to a location in another NTFS file system volume in the same domain.

System service name: TrkSvr

• Distributed Transaction Coordinator

The Distributed Transaction Coordinator (DTC) system service coordinates transactions that are distributed across multiple computer systems and resource managers, such as databases, message queues, file systems, or other transaction-protected resource managers. The DTC system service is required if transactional components are configured through Component Object Model Plus (COM+). It's also required for transactional queues in Message Queuing (also known as MSMQ) and SQL Server operations that span multiple systems.

System service name: MSDTC

¹ For more information about how to customize this port, see Distributed Transaction Coordinator in the References section.

The DNS Server service enables DNS name resolution by answering queries and update requests for DNS names. DNS servers are required to locate devices and services that are identified by using DNS names and to locate domain controllers in Active Directory.

System service name: DNS

The Event Log system service logs event messages that are generated by programs and by the Windows operating system. Event log reports contain information that you can use to diagnose problems. You view reports in Event Viewer. The Event Log service writes events that are sent to log files by programs, by services, and by the operating system. The events contain diagnostic information in addition to errors that are specific to the source program, the service, or the component. The logs can be viewed programmatically through the event log APIs or through the Event Viewer in an MMC snap-in.

System service name: Eventlog

The Event Log service uses RPC over named pipes. This service has the same firewall requirements as the File and Printer Sharing feature.

• Fax Service

Fax Service, a Telephony API (TAPI) compliant system service, provides fax capabilities. Fax Service lets users use either a local fax device or a shared network fax device to send and receive faxes from their desktop programs.

System service name: Fax

File Replication

The File Replication service (FRS) is a file-based replication engine that automatically copies updates to files and folders between computers that are participating in a common FRS replica set. FRS is the default replication engine that is used to replicate the contents of the SYSVOL folder between Windows 2000-based domain controllers and Windows Server 2003-based domain controllers that are located in a common domain. You can use the DFS Administration tool to configure FRS to replicate files and folders between targets of a DFS root or link.

System service name: NtFrs

¹ For more information about how to customize this port, see File Replication Service in the References section.

FTP Publishing Service

FTP Publishing Service provides FTP connectivity. By default, the FTP control port is 21. However, you can configure this system service through the Internet Information Services (IIS) Manager snap-in. The default data (that is used for active mode FTP) port is automatically set to one port less than the control port. Therefore, if you configure the control port to port 4131, the default data port is port 4130. Most FTP clients use passive mode FTP. This means that the client first connects to the FTP server by using the control port. Next, the FTP server assigns a high TCP port between ports 1025 and 5000. Then, the client opens a second connection to the FTP server for transferring data. You can configure the range of high ports by using the IIS metabase.

System service name: MSFTPSVC

Group Policy

To successfully apply Group Policy, a client computer must be able to contact a domain controller over the Kerberos, LDAP, SMB, and RPC protocols. Windows XP and Windows Server 2003 additionally require the ICMP protocol.

If any one of these protocols is unavailable or blocked between the client and a relevant domain controller, Group Policy will not apply or update. For a cross-domain logon, where a computer is in one domain and the user account is in another domain, these protocols may be required for the client, the resource domain, and the account domain to communicate. ICMP is used for slow link detection.

System service name: Group Policy

¹ For more information about how to customize this port, see Domain controllers and Active Directory in the References section.

2 This protocol is required only by Windows XP and Windows Server 2003 acting as clients.

When the Group Policy Microsoft Management Console (MMC) snap-in creates Group Policy Results reports and Group Policy Modeling reports, it uses DCOM and RPC to send and to receive information from the Resultant Set of Policy (RSoP) provider on the client or on the domain controller. The various binary files that make up the Group Policy Microsoft Management Console (MMC) snap-in features primarily use COM calls to send or to receive information. When you initiate remote group policy results reporting from a Windows Server 2012 computer, access to the destination computer's event log is required. (See the Event Log section in this article for port requirements.)

Windows Server 2012 support the initiation of remote group policy update against Windows Server 2012 computers. This requires RPC/WMI access through port 135 and ports 49152-65535 inbound to the computer on which the policy is being refreshed.

The HTTP SSL system service enables IIS to perform SSL functions. SSL is an open standard for establishing an encrypted communications channel to help prevent the interception of extremely important information, such as credit card numbers. Although this service works on other Internet services, it is primarily used to enable encrypted electronic financial transactions on the World Wide Web (WWW). You can configure the ports for this service through the Internet Information Services (IIS) Manager snap-in.

System service name: HTTPFilter

Hyper-V service

Hyper-V replica

Hyper-V live migration

• Internet Authentication Service

Internet Authentication Service (IAS) performs centralized authentication, authorization, auditing, and accounting of users who are connecting to a network. These users can be on a LAN connection or on a remote connection. IAS implements the Internet Engineering Task Force (IETF) standard Remote Authentication Dial-In User Service (RADIUS) protocol.

System service name: IAS

Internet Connection Firewall (ICF)/Internet Connection Sharing

This system service provides NAT, addressing, and name resolution services for all computers on your home network or your small-office network. When the Internet Connection Sharing feature is enabled, your computer becomes an Internet gateway on the network. Other client computers can then share one connection to the Internet, such as a dial-up connection or a broadband connection. This service provides basic DHCP and DNS services but will work with the full-featured Windows DHCP or DNS services. When ICF and Internet Connection Sharing act as a gateway for the rest of the computers on your network, they provide DHCP and DNS services to the private network on the internal network interface. They do not provide these services on the external network interface.

System service name: SharedAccess

IP Address Management (IPAM)

The IPAM client UI communicates with the IPAM server to perform remote management. It's done by using the Windows Communications Framework (WCF), which uses TCP as the transport protocol. By default, the TCP binding is performed on port 48885 on the IPAM server.

BranchCache information

• Port 3702 (UDP) is used to discover the availability of cached content on a client.
• Port 80 (TCP) is used to serve content to requesting clients.
• Port 443 (TCP) is the default port that is used by the hosted cache to accept incoming client offers for content.

ISA/TMG Server

• This port is not used with ISA 2000.
• FWC application transport and protocols are negotiated within the FWC control channel.
• ISA 2000 FWC control uses UDP. ISA 2004 and 2006 use TCP.
• OEM uses Firewall Web Management to provide non-MMC management of ISA Server.
• This port is also used for intra-array traffic.
• This port is used only by the ISA management MMC during remote server and service status monitoring.
• It's the range in TMG. Please note that TMG extends the default dynamic port ranges in Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista.
• Kerberos Key Distribution Center

When you use the Kerberos Key Distribution Center (KDC) system service, users can sign in to the network by using the Kerberos version 5 authentication protocol. As in other implementations of the Kerberos protocol, the KDC is a single process that provides two services: the Authentication Service and the Ticket-Granting Service. The Authentication Service issues ticket granting tickets, and the Ticket-Granting Service issues tickets for connection to computers in its own domain.

System service name: kdc

• License Logging

The License Logging system service is a tool that was originally designed to help customers manage licenses for Microsoft server products that are licensed in the server client access license (CAL) model. License Logging was introduced with Microsoft Windows NT Server 3.51. By default, the License Logging service is disabled in Windows Server 2003. Because of legacy design constraints and evolving license terms and conditions, License Logging may not provide an accurate view of the total number of CALs that are purchased compared to the total number of CALs that are used on a particular server or across the enterprise. The CALs that are reported by License Logging may conflict with the interpretation of the Microsoft Software License Terms and with Product Use Rights (PUR). License Logging is not included in Windows Server 2008 and later operating systems. We recommend that only users of the Microsoft Small Business Server family of operating systems enable this service on their servers.

System service name: LicenseService

The License Logging service uses RPC over named pipes. This service has the same firewall requirements as the File and Printer Sharing feature.

Message Queuing

The Message Queuing system service is a messaging infrastructure and development tool for creating distributed messaging programs for Windows. These programs can communicate across heterogeneous networks and can send messages between computers that may be temporarily unable to connect to one another. Message Queuing helps provide security, efficient routing, support for sending messages within transactions, priority-based messaging, and guaranteed message delivery.

System service name: MSMQ

Microsoft Exchange Message Transfer Agent (MTA) stacks

In Microsoft Exchange 2000 Server and Exchange Server 2003, the MTA is frequently used to provide backward-compatible message transfer services between Exchange 2000 Server-based servers and Exchange Server 5.5-based servers in a mixed-mode environment.

System service name: MSExchangeMTA

Microsoft POP3 service

The Microsoft POP3 service provides email transfer and retrieval services. Administrators can use this service to store and manage email accounts on the mail server. When you install POP3 service on the mail server, users can connect to the mail server and can retrieve email messages by using an email client that supports the POP3 protocol, such as Microsoft Outlook.

System service name: POP3SVC

The Net Logon system service maintains a security channel between your computer and the domain controller to authenticate users and services. It passes the user's credentials to a domain controller and returns the domain security identifiers and the user rights for the user. This is typically known as pass-through authentication. Net Logon is configured to start automatically only when a member computer or domain controller is joined to a domain. In the Windows 2000 Server and Windows Server 2003 families, Net Logon publishes service resource locator records in the DNS. When this service runs, it relies on the WORKSTATION service and on the Local Security Authority service to listen for incoming requests. On domain member computers, Net Logon uses RPC over named pipes. On domain controllers, it uses RPC over named pipes, RPC over TCP/IP, mail slots, and Lightweight Directory Access Protocol (LDAP).

System service name: Netlogon

2 The NETBIOS ports are optional. Netlogon uses these only for trusts that don't support DNS or when DNS fails during an attempted fallback. If there is no WINS infrastructure and broadcasts can't work, you should either disable NetBt or set the computers and servers to NodeType=2.

The Net Logon service uses RPC over named pipes for earlier versions of Windows clients. This service has the same firewall requirements as the File and Printer Sharing feature.

Network News Transfer Protocol (NNTP)

The Network News Transfer Protocol (NNTP) system service lets computers that are running Windows Server 2003 act as news servers. Clients can use a news client, such as Microsoft Outlook Express, to retrieve newsgroups from the server and to read the headers or the bodies of the articles in each newsgroup.

System service name: NNTPSVC

Offline Files, User Profile Service, Folder Redirection, and Primary Computer

Offline Files and Roaming User Profiles cache user data to computers for offline use. These capabilities exist in all supported Microsoft operating systems. Windows XP implemented roaming user profile caching as part of the Winlogon process while Windows Vista, Windows Server 2008, and later operating systems use the User Profile Service. All of these systems use SMB.

Folder Redirection redirects user data from the local computer to a remote file share, using SMB.

The Primary Computer system for Windows is part of the Roaming User Profile and Offline Files services. Primary Computer provides a capability to prevent data caching to computers that are not authorized by administrators for specific users. Primary Computer uses LDAP to determine the configuration and does not perform any data transfer using SMB; it instead alters the default Offline Files and Roaming User Profile behaviors. This system was added in Windows Server 2012.

System service names: ProfSvc , CscService

Performance Logs and Alerts

The Performance Logs and Alerts system service collects performance data from local or remote computers based on preconfigured schedule parameters and then writes that data to a log or triggers a message. Based on the information that is contained in the named log collection setting, the Performance Logs and Alerts service starts and stops each named performance data collection. This service runs only if at least one performance data collection is scheduled.

System service name: SysmonLog

• Print Spooler

The Print Spooler system service manages all local and network print queues and controls all print jobs. Print Spooler is the center of the Windows printing subsystem. It manages the print queues on the system and communicates with printer drivers and input/output (I/O) components, such as the USB port and the TCP/IP protocol suite.

System service name: Spooler

The Print Spooler service uses RPC over named pipes. This service has the same firewall requirements as the File and Printer Sharing feature.

• Remote Installation

You can use the Remote Installation system service to install Windows 2000, Windows XP, and Windows Server 2003 on Pre-Boot Execution Environment (PXE) remote boot-enabled client computers. The Boot Information Negotiation Layer (BINL) service, the primary component of Remote Installation Server (RIS), answers PXE client requests, checks Active Directory for client validation, and passes client information to and from the server. The BINL service is installed when you add the RIS component from Add/Remove Windows Components, or you can select it when you first install the operating system.

System service name: BINLSVC

• Remote Procedure Call (RPC)

The Remote Procedure Call (RPC) system service is an interprocess communication (IPC) mechanism that enables data exchange and invocation of functionality that is located in a different process. The different process can be on the same computer, on the LAN, or in a remote location, and it can be accessed over a WAN connection or over a VPN connection. The RPC service serves as the RPC Endpoint Mapper and Component Object Model (COM) Service Control Manager. Many services depend on the RPC service to start successfully.

System service name: RpcSs

• RPC does not use only the hard-coded ports that are listed in the table. Ephemeral range ports that are used by Active Directory and other components occur over RPC in the ephemeral port range. The ephemeral port range depends on the server operating system that the client operating system is connected to.
• The RPC Endpoint Mapper also offers its services by using named pipes. This service has the same firewall requirements as the File and Printer Sharing feature.
• Remote Procedure Call (RPC) Locator

The Remote Procedure Call (RPC) Locator system service manages the RPC name service database. When this service is turned on, RPC clients can locate RPC servers. By default, this service is turned off.

System service name: RpcLocator

The RPC Locator service offers its services by using RPC over named pipes. This service has the same firewall requirements as the File and Printer Sharing feature.

• Remote Storage Notification

The Remote Storage Notification system service notifies users when they read from or write to files that are available only from a secondary storage media. Stopping this service prevents this notification.

System service name: Remote_Storage_User_Link

• Remote Storage

The Remote Storage system service stores infrequently used files on a secondary storage medium. If you stop this service, users cannot move or retrieve files from the secondary storage media.

System service name: Remote_Storage_Server

• Routing and Remote Access

The Routing and Remote Access service provides multiprotocol LAN-to-LAN, LAN-to-WAN, VPN, and NAT routing services. The Routing and Remote Access service also provides dial-up and VPN remote access services. Although the Routing and Remote Access service can use all the following protocols, the service typically uses only a few of them. For example, if you configure a VPN gateway that is behind a filtering router, you will probably use only one protocol. If you use L2TP with IPsec, you must allow IPsec ESP (IP protocol 50), NAT-T (UDP on port 4500), and IPsec ISAKMP (UDP on port 500) through the router.

Although NAT-T and IPsec ISAKMP are required for L2TP, these ports are monitored by the Local Security Authority. For more information about this, see the References section.

System service name: RemoteAccess

The Server system service provides RPC support and file sharing, print sharing, and named pipe sharing over the network. The Server service lets users share local resources, such as disks and printers, so that other users on the network can access them. It also enables named pipe communication between programs that are running on the local computer and on other computers. Named pipe communication is memory that is reserved for the output of one process to be used as input for another process. The input-accepting process does not have to be local to the computer.

If a computer name resolves to multiple IP addresses by using WINS, or if WINS failed and the name is resolved by using DNS, NetBIOS over TCP/IP (NetBT) tries to ping the IP address or addresses of the file server. Port 139 communications depend on Internet Control Message Protocol (ICMP) echo messages. If IP version 6 (IPv6) is not installed, port 445 communications will also depend on ICMP for name resolution. Preloaded Lmhosts entries will bypass the DNS resolver. If IPv6 is installed on computers that are running Windows Server 2003 or Windows XP operating systems, port 445 communications do not trigger ICMP requests.

The NetBIOS ports that are listed here are optional. Windows 2000 and newer clients can work over port 445.

System service name: lanmanserver

SharePoint Portal Server

The SharePoint Portal Server system service lets you develop an intelligent portal that seamlessly connects users, teams, and knowledge. It helps people take advantage of relevant information across business processes. Microsoft SharePoint Portal Server 2003 provides an enterprise business solution that integrates information from various systems into one solution through single sign-on and enterprise application integration capabilities.

• Simple Mail Transfer Protocol (SMTP)

The Simple Mail Transfer Protocol (SMTP) system service is an email submission and relay agent. It accepts and queues email messages for remote destinations, and it retries at set intervals. Windows domain controllers use the SMTP service for intersite e-mail-based replication. The Collaboration Data Objects (CDO) for the Windows Server 2003 COM component can use the SMTP service to submit and to queue outgoing email messages.

System service name: SMTPSVC

Simple TCP/IP Services

Simple TCP/IP Services implements support for the following protocols:

• Echo, port 7, RFC 862
• Discard, port 9, RFC 863
• Character Generator, port 19, RFC 864
• Daytime, port 13, RFC 867
• Quote of the Day, port 17, RFC 865

System service name: SimpTcp

Simple Network Management Protocol (SNMP) Service

SNMP Service lets the local computer service incoming SNMP requests. SNMP Service includes agents that monitor activity in network devices and report to the network console workstation. SNMP Service provides a method of managing network hosts (such as workstation or server computers, routers, bridges, and hubs) from a centrally located computer that is running network management software. SNMP performs management services by using a distributed architecture of management systems and agents.

System service name: SNMP

SNMP Trap Service

SNMP Trap Service receives trap messages that are generated by local or by remote SNMP agents. Then the SNMP Trap Service forwards those messages to SNMP management programs that are running on your computer. When SNMP Trap Service is configured for an agent, the service generates trap messages if any specific events occur. These messages are sent to a trap destination. For example, an agent can be configured to start an authentication trap if an unrecognized management system sends a request for information. Trap destinations include the computer name, the IP address, or the Internetwork Packet Exchange (IPX) address of the management system. The trap destination must be a network-enabled host that is running SNMP management software.

System service name: SNMPTRAP

Simple Service Discovery Protocol (SSDP) Discovery Service

SSDP Discovery Service implements SSDP as a Windows service. SSDP Discovery Service manages receipt of device presence announcements, updates its cache, and sends these notifications to clients that have outstanding search requests. SSDP Discovery Service also accepts the registration of event callbacks from clients. The registered event callbacks are then turned into subscription requests. SSDP Discovery Service then monitors for event notifications and sends these requests to the registered callbacks. This system service also provides periodic announcements to hosted devices. Currently, the SSDP event notification service uses TCP port 5000.

Starting with Windows XP Service Pack 2 (SP2), the SSDP event notification service uses TCP port 2869.

System service name: SSDPRSR

TCP/IP Print Server

The TCP/IP Print Server system service enables TCP/IP-based printing by using the Line Printer Daemon (LPD) protocol. The LPD service on the server receives documents from Line Printer Remote (LPR) utilities that are running on UNIX computers.

System service name: LPDSVC

The Telnet system service for Windows provides ASCII terminal sessions to Telnet clients. A Telnet server supports two kinds of authentication and supports the following kinds of terminals:

• American National Standards Institute (ANSI)

System service name: TlntSvr

Remote Desktop Services (RDS)

RDS provides a multi-session environment that enables client devices to access a virtual Windows desktop session and Windows-based programs that are running on the server. RDS enables multiple users to be connected interactively to a computer.

System service name: TermService

RDS Licensing (RDSL)

The RDSL system service installs a license server and provides licenses to registered clients when the clients connect to a RDS server (a server that has RDS enabled). RDSL is a low-impact service that stores the client licenses that are issued for a RDS server and tracks the licenses that are issued to client computers or servers.

System service name: TermServLicensing

RDSL offers its services by using RPC over named pipes. This service has the same firewall requirements as the File and Printer Sharing feature.

• Remote Desktop Connection Broker

The Remote Desktop Connection Broker system service enables clusters of load-balanced RDS servers to correctly route a user's connection request to the server where the user already has a session running. Users are routed to the first-available RDS server regardless of whether they are running another session in the server cluster. The load-balancing functionality pools the processing resources of several servers by using the TCP/IP networking protocol. You can use this service together with a cluster of RDS servers to increase the performance of a single RDS server by distributing sessions across multiple servers. Remote Desktop Connection Broker keeps track of disconnected sessions on the cluster and makes sure that users are reconnected to those sessions.

System service name: Tssdis

Trivial FTP Daemon

The Trivial FTP Daemon system service does not require a user name or a password and is an important part of the Remote Installation Services (RIS). The Trivial FTP Daemon service implements support for the Trivial FTP Protocol (TFTP) that is defined by the following RFCs:

• RFC 1350 - TFTP
• RFC 2347 - Option extension
• RFC 2348 - Block size option
• RFC 2349 - Time-out interval, and transfer size options

Trivial File Transfer Protocol (TFTP) is an FTP that supports diskless startup environments. The TFTP service listens on UDP port 69, but it responds from a randomly allocated high port. Therefore, when you enable this port, the TFTP service receives incoming TFTP requests, but it does not let the selected server respond to those requests. The service is free to respond to any such request from any source port, and the remote client then uses that port during the transfer. Communication is bidirectional. If you have to enable this protocol through a firewall, you may want to open UDP port 69 incoming. You can then rely on other firewall features that dynamically let the service respond through temporary holes on any other port.

System service name: tftpd

UPnP Device Host

The UPnP Device Host discovery system service implements all the components that are required for device registration, control, and the response to events for hosted devices. The information that is registered that relates to a device, such as the description, the lifetimes, and the containers, are optionally stored to disk and are announced on the network after registration or when the operating system restarts. The service also includes the web server that serves the device in addition to service descriptions and a presentation page.

System service name: UPNPHost

Windows Internet Name Service (WINS)

Windows Internet Name Service (WINS) enables NetBIOS name resolution. This service helps you locate network resources by using NetBIOS names. WINS servers are required unless all domains have been upgraded to the Active Directory directory service and unless all computers on the network are running Windows 2000 or later versions. WINS servers communicate with network clients by using NetBIOS name resolution. WINS replication is only required between WINS servers.

System service name: WINS

Windows Media Services

Windows Media Services in Windows Server 2003 and later versions replaces the following services that are included in Windows Media Services versions 4.0 and 4.1:

• Windows Media Monitor Service
• Windows Media Program Service
• Windows Media Station Service
• Windows Media Unicast Service

Windows Media Services is now a single service that runs on Windows Server. Its core components were developed by using COM, and it has a flexible architecture that you can customize for specific programs. Windows Media Services supports a larger variety of control protocols. These include Real Time Streaming Protocol (RTSP), Microsoft Media Server (MMS) protocol, and HTTP.

System service name: WMServer

Windows Remote Management (WinRM)

System service name: WinRM

For more information, see Installation and Configuration for Windows Remote Management .

• Windows Time

The Windows Time system service maintains date and time synchronization on all the computers on a network that are running Windows XP or later versions and Windows Server 2003 or later versions. This service uses Network Time Protocol (NTP) to synchronize computer clocks so that an accurate clock value, or time stamp, is assigned for network validation and for resource access requests. The implementation of NTP and the integration of time providers help make Windows Time a reliable and scalable time service for your business. For computers that are not joined to a domain, you can configure Windows Time to synchronize time with an external time source. If this service is turned off, the time setting for local computers is not synchronized with a time service in the Windows domain or with an externally configured time service. Windows Server 2003 uses NTP. NTP runs on UDP port 123. The Windows 2000 version of this service uses Simple Network Time Protocol (SNTP). SNTP also runs on UDP port 123.

When the Windows Time service uses a Windows domain configuration, the service requires domain controller location and authentication services. Therefore, the ports for Kerberos and DNS are required.

System service name: W32Time

• World Wide Web Publishing Service

World Wide Web Publishing Service provides the infrastructure that you must have to register, manage, monitor, and serve websites and programs that are registered with IIS. This system service contains a process manager and a configuration manager. The process manager controls the processes where custom applications and websites reside. The configuration manager reads the stored system configuration for World Wide Web Publishing Service and makes sure that Http.sys is configured to route HTTP requests to the appropriate application pools or operating system processes. You can use the Internet Information Services (IIS) Manager snap-in to configure the ports that are used by this service. If the administrative website is enabled, a virtual website is created that uses HTTP traffic on TCP port 8098.

System service name: W3SVC

Ports and protocols

The following table summarizes the information from the System services ports section. This table is sorted by port number instead of by service name.

Port 5722 is only used on a Windows Server 2008 domain controller or a Windows Server 2008 R2 domain controller; it is not used on a Windows Server 2012 domain controller. Port 445 is used by DFSR only when creating a new empty replicated folder.

Microsoft provides part of the information that is in this table in a Microsoft Excel worksheet. This worksheet is available for download from the Microsoft Download Center.

Active Directory port and protocol requirements

Application servers, client computers, and domain controllers that are located in common or external forests have service dependencies so that user-initiated and computer-initiated operations such as domain join, logon authentication, remote administration, and Active Directory replication work correctly. Such services and operations require network connectivity over specific port and networking protocols.

A summarized list of services, ports, and protocols required for member computers and domain controllers to inter-operate with one another or for application servers to access Active Directory include but are not limited to the following.

The list of services on which Active Directory depends:

• Active Directory / LSA
• Distributed File System Replication (if not using FRS for SYSVOL replication)
• File Replication Service (if not using DFSR for SYSVOL replication)
• WINS (in Windows Server 2003 SP1 and later versions for backup Active Directory replication operations, if DNS is not working)

The list of services that require Active Directory services:

• Certificate Services (required for specific configurations)
• DHCP Server
• Distributed File System Namespaces (if using domain-based namespaces)
• File Replication Service

The Help files for each Microsoft product that is described in this article contain more information that you may find useful to help configure your programs.

For information about Active Directory Domain Services firewalls and ports, see How to configure a firewall for Active Directory domains and trusts .

General information

For more information about how to help secure Windows Server and for sample IPsec filters for specific server roles, see Microsoft Security Compliance Manager . This tool aggregates all previous security recommendations and security documentation into a single utility for all support Microsoft operating systems:

• Windows security baselines
• Windows Server 2008 R2 Security Baseline
• Windows Server 2008 Security Baseline
• Windows Server 2003 Security Baseline
• Windows 7 Security Baseline
• Windows Vista Security Baseline
• Windows XP Security Baseline

For more information about operating system services, security settings, and IPsec filtering, see one of the following Threats and Countermeasures Guides:

• Threats and Countermeasures Guide: Security Settings in Windows Server 2008 R2 and Windows 7
• Threats and Countermeasures Guide: Security Settings in Windows Server 2008 and Windows Vista
• Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP

For more information, see:

• Network Ports Used by Key Microsoft Server Products
• Active Directory and Active Directory Domain Services Port Requirements .

The Internet Assigned Numbers Authority coordinates the use of well-known ports. To view this organization's list of TCP/IP port assignments, see Service Name and Transport Protocol Port Number Registry .

Remote Procedure Calls and DCOM

For a detailed description of RPC, see Remote Procedure Call (RPC) .

For more information about how to configure RPC to work with a firewall, see How to configure RPC dynamic port allocation to work with firewalls .

For more information about the RPC protocol and about how computers that are running Windows 2000 initialize, see Windows 2000 Startup and Logon Traffic Analysis .

Domain controllers and Active Directory

For more information about how to restrict Active Directory replication and client logon traffic, see Restricting Active Directory replication traffic and client RPC traffic to a specific port .

For an explanation of how the Directory System Agent, LDAP, and the local system authority are related, see Directory System Agent .

For more information about how LDAP and the global catalog work, see How the Global Catalog works .

Exchange Server

For information about ports, authentication, and encryption for all data paths that are used by Microsoft Exchange Server, see Network ports for clients and mail flow in Exchange .

There may be additional things to consider for your particular environment. You can receive more information and help planning an Exchange implementation from the following Microsoft websites:

• Exchange Server 2013
• Exchange Server 2007
• Exchange Server 2003

For more information, see Configure Outlook Anywhere in Outlook 2013 .

Distributed File Replication Service

The Distributed File Replication Service includes the Dfsrdiag.exe command-line tool. Dfsrdiag.exe can set the server RPC port that is used for administration and replication. To use Dfsrdiag.exe to set the server RPC port, follow this example:

dfsrdiag StaticRPC/port: nnnnn /Member: Branch01.sales.contoso.com

In this example, nnnnn represents a single, static RPC port that DFSR will use for replication. Branch01.sales.contoso.com represents the DNS or NetBIOS name of the target member computer. If no member is specified, Dfsrdiag.exe uses the local computer.

Internet Information Services

For information about ports in IIS 6.0, see TCP/IP Port Filtering .

For information about FTP, see the following resources:

• FTP Publishing Service webpage
• Configuring FTP Firewall Support

Multicast Address Dynamic Client Allocation Protocol (MADCAP)

For more information about how to plan MADCAP servers, see Checklist: Installing a MADCAP server .

For more information about the ports that are used by Microsoft Message Queuing, see TCP ports, UDP ports, and RPC ports that are used by Message Queuing .

Microsoft Operations Manager

For information about how to plan for and to deploy MOM, see System Center Developer Documentation Library .

For more information about how to configure the port that is used by RDS, see Change the listening port for Remote Desktop on your computer .

Controlling communications over the Internet in Windows

For more information, see the Using Windows Server 2003 with Service Pack 1 in a Managed Environment: Controlling Communication with the Internet .

For information about the ports that are used by Windows Media Services, see Allocating Ports for Windows Media Services .

Was this page helpful?

Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback .

Submit and view feedback for

Additional resources

How to View Computer Port Assignments

• Small Business
• Business Technology & Customer Support
• ')" data-event="social share" data-info="Pinterest" aria-label="Share on Pinterest">
• ')" data-event="social share" data-info="Reddit" aria-label="Share on Reddit">
• ')" data-event="social share" data-info="Flipboard" aria-label="Share on Flipboard">

How to Deactivate the Proxy Server

How to log in to a router with hyperterminal, how to connect an android-based phone with froyo to a usb.

• How to Transfer Printer Queue to Another Printer
• How to Turn Off SPI on a NETGEAR Router

With 65,535 possible ports to keep track of, you might think viewing the active ports on your small business' computer is a difficult task. In most cases, the number of assigned ports on the computer will be much smaller than the maximum number. In fact, most computers will use only a few port assignments during normal operation. There is a simple method to view your currently assigned ports in a DOS session with a single command.

Press the “Windows-R” keys.

Type “cmd” without the quotation marks in the “Run” dialog box and click the “OK” button.

Type “netstat -n” at the command prompt and press the “Enter” key. A list of active connections and their port assignments will be displayed on the screen. The assigned port numbers appear immediately after the colon at the end of your IP address.

• The TCP/IP Guide: TCP Common Applications and Server Port Assignments
• Internet Assigned Numbers Authority: Service Name and Transport Protocol Port Number Registry
• A complete list of options for the netstat command is available by typing “netstat/?” at the command prompt.

Finn McCuhil is a freelance writer based in Northern Michigan. He worked as a reporter and columnist in South Florida before becoming fascinated with computers. After studying programming at University of South Florida, he spent more than 20 years heading up IT departments at three tier-one automotive suppliers. He now builds wooden boats in the north woods.

Related Articles

How to enable a computer printer port, how to connect to a mediacom router, how to make your linkedin contact visible, how to hook up a microphone and headset to a computer, how to find the ip address of a local printer in vista, how to flush dns in ie, how to repair a serial port in windows 7, how to remove a dot4 printer port, how to temporarily disable your logitech webcam, most popular.

• 1 How to Enable a Computer Printer Port
• 2 How to Connect to a Mediacom Router
• 3 How to Make Your LinkedIn Contact Visible
• 4 How to Hook Up a Microphone and Headset to a Computer

• Car Diagnostics Device
• FPGA Programming
• Server Tooling
• Smart Phone
• Smart Watch
• Environmental Control
• Wireless Extension
• Factory Testing / Programming
• Industrial Camera
• Industrial Control / Monitoring
• Medical Monitoring
• Ultrasound Device
• VCP Drivers
• D2XX Drivers
• D3XX Drivers
• Technical Support
• Documentation
• Reference Designs
• Software Examples
• Related links
• Corporate Profile
• Sales Network
• FTDI Community
• Search for:

No products in enquiry cart.

No products in the cart.

The utilities page contains useful programs that provide extended capabilities for application development and manufacturing support. Engineers should take care to validate output from these utilities. Extreme vigilance should be exercised when dealing with programming/download utilities so that device contents are not erroneously deleted or corrupted.

• FT60x Configuration
• CDM Uninstaller
• Microsoft USBView
• Linux USBView

FT312D Configuration

• COM PORT Assignment

FT311D Configuration

• FTDIPort Monitor
• Mini Module EEPROM Recovery
• FT232R Clock utility
• Vinculum Customiser
• Ignore HW Serial Number Reg Edit
• ST232R-v1.4
• EEPROM Prog for BSD
• Win CE VCP Test
• FT2232 UART Test
• FT4232H UART Test

The FT312D chip is supplied with a default set of descriptor strings that the Android Open Accessory platform, which the FT312D is connected to, will use to identify and match with the application.

To enable users to pair their hardware/Android application, a utility is provided to allow customers to change these strings.

The utility runs on Windows OS.

The utility is downloadable from here .

The user guide is downloadable from here .

Ignore Hardware Serial Number Registry Editor Utility

This is a free utility that is used for editing the registry to ensure the serial number descriptor of each FTDI device is ignored during driver installation. This feature ensures any FTDI device connected to a USB port is given the same COM port number.

Enter the device type and VID/PID that you want to ignore the serial number on and press WRITE to apply. You can remove the registry key with the ERASE button.

Download the utility here .

Note: the utility should be run before the first device installation and should be ‘Run as Administrator’ (right-click option).

For more information on the Ignore Hardware Serial Number setting and other driver settings please refer to AN_107 Advanced Driver Options which may be downloaded as a pdf from here .

The FT311D chip is supplied with a default set of descriptor strings that the Android Open Accessory platform, which the FT311D is connected to, will use to identify and match with the application.

V2PROG VNC2 Programming Tool

V2PROG is a simple tool for loading pre-compiled .ROM files generated with the Vinculum II toolchain onto Vinculum II IC’s, over the VNC2 debug interface. It provides an easy to use GUI interface for loading FTDI’s precompiled files or files generated by the user onto the IC.

The utility may be downloaded here .

An application note which describes how to use the V2PROG utility (AN_203_Loading_VNC2_ROM_Files_Using_V2PROG_Utility) is available for download as a .PDF by clicking here .

COMPort_Assignment Utility

COMPort_Assignment is a free utility that is used for assigning the COM Port numbers of FTDI devices. It runs under Windows XP, Vista and Windows 7. COMPort_Assignment utility is available for download as a .zip file by clicking here .

An application note which describes how to use the COMPort_Assignment utility (AN_160_COMPort_Assignment_User_Guide ) is available for download as a .PDF by clicking here .

SPITest - Hi-Speed Mini Module EEPROM Recovery Utility

This utility may be used to recover a corrupted EEPROM on a Hi-Speed mini module by erasing it. See application note AN_136 for further details.

SPITest is available for download here .

CDM Uninstaller 1.5 - Windows Device Driver Uninstaller

CDM Uninstaller is a free application that can selectively remove Windows device drivers from the user’s system as specified by the device Vendor ID and Product ID. This application comes as a command driven application or as a GUI executable.

The readme for the command line version is available here and the readme for the GUI version can be viewed here .

Both applications come as a zipped executable that needs to be extracted prior to running. Please refer to the readme for running the application.

Download CDM Uninstaller (command line version + GUI version)

The previous version 1.4 can be downloaded here .

Additionally, a video providing step-by-step instructions on how to install and use the CDM Uninstaller application can be found here .

FT60X Series Configuration Tool

FT60X Chip Configuration Programmer

The FT60x Chip Configuration Programmer utility allows FT600 and FT601 devices to be configured with different USB descriptors such as the Manufacturer String or Serial Number. In addition to this, the utility may be used to configure the mode of operation that the device will use such as clock speed, 245 FIFO or multi-channel (FT600) FIFO mode.

A comprehensive user guide is available here: AN_370 FT60X Configuration Programmer User Guide

FT602 Configuration Programmer

The FT602 Configuration Programmer utility allows you to customize the FT602 device with different USB descriptors such as the Manufacturer String or Serial Number. In addition to this, the utility may be used to configure FIFO mode and UVC parameters.

A comprehensive Configuration Guide is available here: AN_435 – FT602 UVC Chip Configuration Guide

Additionally, a video providing step-by-step instructions on how to use the FT602 Configuration Programmer application for customizing the chip configuration can be seen here .

FT_PROG 3.12.54.665 - EEPROM Programming Utility

FT_PROG is a free EEPROM programming utility for use with FTDI devices.  It is used for modifying EEPROM contents that store the FTDI device descriptors to customize designs.  FT_PROG also includes the capability of programming the Vinculum firmware.

PLEASE NOTE – The use of some of these utilities by an end user may result in a device being rendered useless.

FT_PROG is available for download by clicking here .

The full FT_PROG User Guide can be downloaded here .

Please Note: FT_PROG requires the Microsoft .NET Framework 4.0 installed on your system to run the application. This can be obtained from the Microsoft Website https://www.microsoft.com/download/en/details.aspx?id=17851&WT.mc_id=MSCOM_EN_US_DLC_DETAILS_121LSUS007996

If your system does not have .NET 4.0 installed please download the file from the above link. To install, double click on the dotnetfx.exe and follow the instructions in the wizard.

Microsoft USBView - USB Connection Viewer

USBView is a free utility from Microsoft  that displays the USB connection tree and shows the USB devices that are connected to it together with their configuration data.  This is very useful for debugging USB enumeration errors. USBView runs under Windows 98, ME,2000, XP, Windows 7 and Windows 8/8.1.

USBView is available for download as a .zip file by clicking here . Please note the file must be unzipped before execution.

USBView for Linux - USB Connection Viewer

A version of USBView is available for Linux from http://www.kroah.com/linux-usb/ . As with the Windows version, this displays a connection tree of all the USB devices connected to the PC. A version compiled for x86_64 Linux can be downloaded here .

FT2xxR Clock utility

This is the utility to select whether the FTxxxR device will use the internal or external oscillator.

If you do not have an external crystal connected in your circuit and run this Utility, your FT232R/FT245R may become permanently unusable. Please make sure that the external crystal is connected across the OSCI and OSCO pins of the FT232R/FT245R.

For more information on how to use the FT232R/FT245R with an External Crystal, please refer to Using the FT232R/FT245R with an External Crystal or Oscillator

To download the utility click here 

FTDI Port Monitor - Vista Gadget

FTDI have provided a simple Windows Vista Sidebar gadget to monitor which FTDI COM ports are available.  The list of ports continuously updates to display a list of the COM port numbers assigned to currently available FTDI devices.

The gadget can be installed simply by double-clicking the file .

VCPTest - Windows CE Test Utility for USB UART Devices

The VCPTest program is intended to show how to communicate with an FTDI device from a Windows CE based system using FTDI’s VCP drivers for Windows CE.  It sends and receives data through a loopback connector.

To download the program with C++ source code, click click here .

FT4232H_UART - Manufacturing Test Utility for FT4232H Devices

The FT4232_UART program is intended for use in an FT4232H manufacturing test environment. It has a single button user interface and returns a simple pass or fail for USB – RS232 designs. The executable version is hard-coded for use with the default VID and PID. The FT4232H default VID/PID is 0403/6011. The source code for this program is provided on the FTDI website at the C# Builder examples page and can be built by VC# 2008. The test program also requires a special cable to operate correctly.

To download the utility, click here .

The User Guide can be downloaded here .

FT2232_UART - Manufacturing Test Utility for FT2232 Devices

The FT2232_UART program is intended for use in a FT2232D/H manufacturing test environment. It has a single button user interface and returns a simple pass or fail for USB – RS232 designs. The executable version is hard-coded for use with the default VID and PID. The FT2232H/D default VID/PID is 0403/6010. The source code for this program is provided on the FTDI website at the C# Builder examples page and can be built by VC# 2008. The test program also requires a special cable to operate correctly.

ST232R_ver1.4 - Manufacturing Test Utility and Serialiser for FT232R Devices

The ST232_ver1.4 program is intended for use in a FT232B or FT232R manufacturing test environment. ST232_ver1.4 replaces the previous FTDI utility used for this purpose called ST232R and ST232-245. It has a single button user interface and returns a simple pass or fail for USB – RS232 designs. The executable version is hard-coded for use with the default VID (0x0403) and PID (0x6001) and it can also support other VID and PID combinations by EEPROM.ini modification. The source code for this program is provided on the FTDI website at the C++ Builder examples page and can be built by C++ Builder 2009. The test program also requires a special cable to operate correctly.

To download the test cable specification, click here .

ST232R - Manufacturing Test Utility and Serialiser for FT232R Devices

The ST232R program is intended for use in a manufacturing test environment.  It has a single button user interface and returns a simple pass or fail for USB – RS232 designs.  The executable version is hard-coded for use with the default VID (0x0403) and PID (0x6001) and must be re-compiled to be used with other VID and PID combinations.  The source code for this program is provided on our C++ Builder examples page.  The test program also requires a special cable to work correctly.

To download the executable, click here .

FT2232ST - Manufacturing Test Utility and Serialiser for FT2232C Devices

The FT2232ST program is intended for use in a manufacturing test environment.  It has a single button user interface and returns a simple pass or fail for USB – dual RS232 designs.  The executable version is hard-coded for use with the default VID (0x0403) and PID (0x6010) and must be re-compiled to be used with other VID and PID combinations.  The source code for this program is provided on our C++ Builder examples page.  The test program also requires a special cable to work correctly.

ST232-245 - Manufacturing Test Utility and Serialiser for FT232BM Devices

The ST232-245 program is intended for use in a manufacturing test environment.  It has a single button user interface and returns a simple pass or fail for USB – RS232 designs.  The executable version is hard-coded for use with the default VID (0x0403) and PID (0x6001) and must be re-compiled to be used with other VID and PID combinations.  The source code for this program is provided on our C++ Builder examples page.  The test program also requires a special cable to work correctly.

FTD2XXST - EEPROM Programmer and Test Utility for FT232/FT245 Devices

FTD2XXST is an EEPROM serialiser and testing utility for FT232 and FT245 devices.  FTD2XXST is based on our D2XX drivers and will work on Windows 98, ME, 2000 and XP platforms.  The latest release supports the extra features of the FT232BM and FT245BM devices as well as the AM series devices.

Please note that this utility has been superseded by FT_Prog which will also program FT2232C devices.

FTD2XXST is available for download by clicking here .

The FTD2XXST User Guide is available for download as a .PDF by clicking here .

E2PROG - EEPROM Programmer and Test Utility for FT8U100AX

E2PROG is our EEPROM serialiser and testing utility for the FT8U100AX only.  It runs on a Windows 98 platform and requires the VCP drivers to be installed prior to use.

To download the E2PROG utility, click here .

EEPROM Programmer Utility for FreeBSD

Our thanks to Bernd Walter ( [email protected] ) who has provided a version of our EEPROM serialiser utility for FreeBSD. It should also run on OpenBSD and NetBSD but has only been tested by the author using FreeBSD. It is distributed free of charge under a FreeBSD style license and can be downloaded from the author’s website at location https://www.bwct.de/ftdi-eeprom-1.0.tar.gz .

VEVAL Utility for V-Eval

Program for use with the V-Eval development board.  Can be used as a terminal application, for reprogramming the VNC1L and for monitoring data sent to and from the VNC1L UART.

NOTE: the FT2232 device on the V-Eval board requires FTDI’s CDM drivers

Click here to download

VNC_PROG Programmer for VPROG1

Multi-threaded program for use with the VPROG1 programmer board.  Can be used to program up to 10 VNC1 or VNC2 48pin devices at a time with a specified firmware library.

NOTE: the FT232R device on the VPROG1 board requires FTDI’s CDM drivers

Vinculum Firmware Customiser (V1.1b)

Application to modify firmware default behaviour such as default Baud rate or set short command set.  A user manual is also available.

Application to play music through a VMUSIC1 module (requires TTL-232R-3V3 )

Country Afghanistan Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos (Keeling) Islands Colombia Comoros Congo Cook Islands Costa Rica Cote D'Ivoire Croatia Cuba Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic East Timor Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands (Malvinas) Faroe Islands Fiji Finland France, Metropolitan French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guinea Guinea-Bissau Guyana Haiti Heard and Mc Donald Islands Honduras Hong Kong Hungary Iceland India Indonesia Iran (Islamic Republic of) Iraq Ireland Israel Italy Jamaica Japan Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao People's Democratic Republic Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macau FYROM Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia, Federated States of Moldova, Republic of Monaco Mongolia Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands Netherlands Antilles New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Reunion Romania Russian Federation Rwanda Saint Kitts and Nevis Saint Lucia Saint Vincent and the Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Seychelles Sierra Leone Singapore Slovak Republic Slovenia Solomon Islands Somalia South Africa South Georgia &amp; South Sandwich Islands Spain Sri Lanka St. Helena St. Pierre and Miquelon Sudan Suriname Svalbard and Jan Mayen Islands Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania, United Republic of Thailand Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates United Kingdom United States United States Minor Outlying Islands Uruguay Uzbekistan Vanuatu Vatican City State (Holy See) Venezuela Viet Nam Virgin Islands (British) Virgin Islands (U.S.) Wallis and Futuna Islands Western Sahara Yemen Democratic Republic of Congo Zambia Zimbabwe Montenegro Serbia Aaland Islands Bonaire, Sint Eustatius and Saba Curacao Palestinian Territory, Occupied South Sudan St. Barthelemy St. Martin (French part) Canary Islands Ascension Island (British) Kosovo, Republic of Isle of Man Tristan da Cunha Guernsey Jersey

This data you have provided for our marketing communications with the latest news, offers, promotion, events and for other purposes described in our privacy policy .

• Privacy Overview
• Strictly Necessary Cookies

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

Edgeport / COM-Port Assignment / Windows 7 64bit

Hello, we are using Edgeport/8 USB/RS232 adapters in our company.

Sometimes we get problems with the COM-Port assignment on Windows 7 64-Bit systems.

We use the Ionetworks driver 5.3.

Sometimes some COM-Ports are inverted. We expect the COM-Ports in ascending order for example 3, 4, …, 10. Or if we change the adapter, COM-Ports with 11, 12, …, 18.

But sometimes the order is wrong, for example 3, 5, 4, 6, 7, 8, 9, 10.

If I try to correct it with the Edgeport configuration utility, running from C:\Windows\System32\Edgeport64.exe with administrator rights, nothing happens.

The same behavior occurs on single or dual core computers.

Edgeport configuration utility and the ionport.ini are working only, if no driver for the COM-Ports is installed. My understanding is:

• plug in the adapter
• install the driver for the edgeport/8 devices (this installs the Edgeport configuration utility)
• now I can create an ionport.ini file with the Edgeport configuration utility
• now I can install the driver for the COM-Ports (in order defined in the ionport.ini)

But if I want to change the COM-Ports now, after installing the driver, it is not possible with the ionport.ini.

Another matter or error is, I have to disable the UAC, if I want to uninstall the driver with the Edgeport configuration utility. In the logfile is written, that the OEMx.inf files were deleted. But the OEMx.pnf files were not deleted.

Our problem is the case of services. We have costumer with the adapter and we have the computer. The customer is not able to install the driver with a complicated procedure, if we send him the computer. So it is necessary to send us the adapter, so we can configure the whole system. The problem is that the COM-Port assignment uses the ID of the adapter. What can you recommend me to do in this case?

Edgeport properties: edgeser64.sys = 5.30.02 ionenum64.sys = 5.00.03 edgecoin64.dll = 5.00.03 impscoin64.dll = 5.00.03 edgeport64.exe = 5.58.5 COM Port Assignment = Based on converter serial number.

Please, can you help us?

Best regards André Nollau

Thanks for the detailed information.

The v5.30 Edgeport driver is the current release and it’s compatible with Windows 7, so that is the version you should be using.

About # 1 , the COM ports are inverted acccording to what? Device Manager or the Edgeport Configuration Utility? Or both? The Edgeport Configuration Utility is the best place to look - in other words, it should be trusted over Device Manager. Also, if you haven’t already, click the Refresh button in the Edgeport Configuration Utility to see if that changes they way the COM ports are listed.

Also, are you seeing this behavior with just one particular Edgeport/8 unit, or “across the board” with any Edgeport/8 unit that you use?

About # 2 , I’m not sure what you mean. What do you mean by “correct it”? What exactly are you doing in the Edgeport Configuration Utility then?

About # 3 , the ionport.ini file should be created before the Edgeport is installed. This file applies to “new” Edgeports, for example an Edgeport that hasn’t been connected to the computer before.

If you ever want to change the COM port of an Edgeport (after the Edgeport is installed), you should use the Configure button in the Edgeport Configuration Utility. Never use Device Manager to change Edgeport COM port assignments, as that could cause problems.

About # 4 , are you saying that, if UAC is enabled, then the OEMx.pnf files are not deletec? But if UAC is disabled, then the OEMx.pnf files are deleted?

About # 5 , this is why we provide ionport.ini. With ionport.ini you can pre-configure the COM port assignments which makes it easy for end users to simply plug in the Edgeport. You also might want to experiment with the “Unattended installation” (see the Advanced folder where the Edgeport driver is extracted for documentation) so end users do not have to specify the driver for the Edgeport.

Hello Jeremym, thank you for the information. I need some time, to think about it.

I need to remap the ports whcih are currently all greater than COM8 and have some software that only supports numbers below 8. Any way to do this?

If you’re looking to change the COM port assignments for an Edgeport, you should use the Edgeport Configuration Utility to do that. If the Edgeport driver is installed then you should have a shortcut on the Windows Start Menu to the Edgeport Configuration Utility, either in the Inside Out Networks or Digi USB Program Group. Run that utility, click the Configure button, change the COM ports as needed, then click OK. Afterwards, unplug the USB cable from the Edgeport and plug it back in. Then click Refresh at the bottom-right of the Edgeport Configuration Utility and double-click the Edgeport to expand it. Confirm that the COM port numbers have changed successfully, then close the Edgeport Configuration Utility.

Related Topics

How to Open Ports on Windows 11: A Step-by-Step Guide for Beginners

Learning how to open ports on Windows 11 can be super useful, especially if you’re gaming, hosting a server, or using specific software that requires open ports. Essentially, you’ll need to access the Windows Firewall settings and manually add a new rule to allow traffic through the port you choose.

How to Open Ports on Windows 11

Opening ports on Windows 11 involves tweaking your firewall settings to let particular types of network traffic through. Following these steps will ensure that your applications or games can communicate freely over the internet or local network.

Step 1: Open Windows Security

First, open the Windows Security app from the Start menu.

You can type "Windows Security" into the search bar and select it from the results. This application is your gateway to managing your firewall settings.

Step 2: Navigate to Firewall & Network Protection

Next, select "Firewall & Network Protection" from the list of options.

This section in Windows Security is where you can access all the firewall settings, including rules for inbound and outbound traffic.

Step 3: Advanced Settings

Click on "Advanced Settings" on the Firewall & Network Protection page.

This will open the Windows Defender Firewall with Advanced Security screen, giving you more control over your firewall rules.

Step 4: Inbound Rules

Select "Inbound Rules" in the left-hand pane.

Inbound rules govern the traffic coming into your computer. You’ll create a new rule here to open your desired port.

Step 5: New Rule

Click on "New Rule…" on the right-hand pane.

This will start a wizard that will guide you through the steps of creating a new firewall rule.

Step 6: Select Port

Choose "Port" as the rule type and click "Next."

The wizard will now ask you for more details about the port you wish to open.

Step 7: Specify Port

Select "TCP" or "UDP," then enter the specific port number or range and click "Next."

TCP and UDP are two different types of protocols. Make sure to select the one required by your application or game.

Step 8: Allow the Connection

Choose "Allow the Connection" and click "Next."

This setting will allow traffic through the specified port.

Step 9: Specify Profile

Select the network profiles to apply the rule to (Domain, Private, Public), then click "Next."

These profiles represent different types of networks you might connect to. Choose based on where you’ll use the application.

Step 10: Name the Rule

Give the rule a name, like "Game Port" or "Server Port," and click "Finish."

Naming the rule helps you identify it later if you need to make changes.

Once you’ve completed these steps, the port you specified will be open, allowing the associated application or game to communicate freely through the firewall.

Tips for Opening Ports on Windows 11

• Always double-check the port number and protocol (TCP or UDP) required by the application or game.
• Ensure that your firewall is active and properly configured to avoid security risks.
• Close any ports that are no longer needed to maintain system security.
• Use the "Advanced Settings" wisely to avoid creating conflicts with existing firewall rules.
• Regularly review your firewall rules to keep your system secure and efficient.

Frequently Asked Questions

Why do i need to open ports on windows 11.

Certain applications and games require open ports to communicate over the internet or local network.

Is it safe to open ports?

Yes, but only if you open the necessary ports and keep your system secure by closing unused ports.

What is the difference between TCP and UDP?

TCP is a connection-oriented protocol, while UDP is a connectionless protocol. Choose based on your application’s requirements.

Can I close a port after opening it?

Absolutely. You can delete the firewall rule associated with that port to close it.

Do I need to open ports for all applications?

No, only for applications or games that specifically require open ports for proper functionality.

• Open Windows Security.
• Navigate to Firewall & Network Protection.
• Click Advanced Settings.
• Select Inbound Rules.
• Click New Rule.
• Choose Port.
• Specify Port.
• Allow the Connection.
• Specify Profile.
• Name the Rule.

Opening ports on Windows 11 is an essential skill for anyone looking to optimize their network settings for specific applications or games. By following the step-by-step process outlined in this guide, you’ll be able to manage your firewall settings like a pro. Remember, while opening ports can solve connectivity issues, it’s crucial to maintain a balance between functionality and security. Always monitor and review your firewall rules to ensure your system remains safe. If you’re interested in further enhancing your network skills, consider reading up on advanced firewall configurations or network security best practices. Happy networking!

Matt Jacobs has been working as an IT consultant for small businesses since receiving his Master’s degree in 2003. While he still does some consulting work, his primary focus now is on creating technology support content for SupportYourTech.com.

His work can be found on many websites and focuses on topics such as Microsoft Office, Apple devices, Android devices, Photoshop, and more.

Share this:

• Click to share on Twitter (Opens in new window)
• Click to share on Facebook (Opens in new window)

Related Posts

• How to Check USB Ports on Windows 11: A Step-by-Step Guide
• Checking If a Port Is Open on Windows 11: A Step-by-Step Guide
• How to Delete a Rule in Outlook 2016: A Step-by-Step Guide
• How to Ping a Port on Windows 11: A Step-by-Step Guide
• How to Check COM Port in Windows 11: A Detailed Step-by-Step Guide
• How to Check COM Port in Windows 10: A Step-by-Step Guide
• How to Connect Xbox to Laptop with HDMI Windows 11: Step-by-Step Guide
• How to Change a Wireless Network Security Key in Windows 11: A Step-by-Step Guide
• How to Keep Meeting Requests in Your Inbox: Outlook Tips
• Find Network Password on Windows 11: A Step-by-Step Guide
• Setting Up Wake on LAN on Windows 10: A Step-by-Step Guide
• How to Check NAT Type Windows 11: A Step-by-Step Guide
• How to Map a Network Drive Windows 11: A Step-by-Step Guide
• How to Find Wifi Password Windows 11: A Step-by-Step Guide
• How to Change MAC Address on Windows 11: Step-by-Step Guide
• How to Forget a Network on the iPad: Step-by-Step Guide
• How to Reset Network Settings on iPhone 14: A Step-by-Step Guide
• How to Reset Network Settings on Google Pixel 4A: A Step-by-Step Guide
• How to Reset iPhone 13 Network Settings
• How to Switch from Ethernet to Wifi on Windows 11: A Step-by-Step Guide

Get Our Free Newsletter

How-to guides and tech deals

You may opt out at any time. Read our Privacy Policy

Service Name and Transport Protocol Port Number Registry

Contact Information

How to Check Ports in Use in Windows 10 & 11

Command to check ports in use.

Use CurrPorts to find ports in use

Use Sysinternals TCPView to check ports in use

About The Author

Leave a Comment Cancel Reply

• Surface Book 3
• Surface Book 2
• Surface Book (1st Gen)
• Surface Duo 2
• Surface Duo (1st Gen)
• Surface Go 4
• Surface Go 3
• Surface Go 2
• Surface Go (1st Gen)
• Surface Laptop Go 3
• Surface Laptop Go 2
• Surface Laptop Go (1st Gen)
• Surface Laptop SE
• Surface Laptop Studio 2
• Surface Laptop Studio (1st Gen)
• Surface Laptop 6 for Business
• Surface Laptop 5
• Surface Laptop 4
• Surface Laptop 3
• Surface Laptop 2
• Surface Laptop (1st Gen)
• Surface Pro 10 for Business
• Surface Pro X
• Surface Pro 9
• Surface Pro 8
• Surface Pro 7+
• Surface Pro 7
• Surface Pro 6
• Surface Pro (5th Gen)
• Surface Pro 4
• Surface Pro 3
• Surface Pro 2
• Surface Pro (1st Gen)
• Surface Studio 2+
• Surface Studio 2
• Surface Studio (1st Gen)

Surface Pro 7 specs and features

Surface Pro 7 is more powerful than ever and adapts to the way you work. 

Get to know Surface Pro 7

Not sure where to plug something in or how to turn up the volume? We've got you covered. Here are a few diagrams to help you.

Power button

Headset and microphone jack

Windows Hello facial-recognition camera

Front-facing camera

Studio Mics (dual microphones)

Surface Connect port

microSD™   card reader

Surface Pro 7 and Windows 10

Surface Pro 7 comes with:

Windows 10 Home edition (consumer customers)

Windows 10 Pro edition (commercial customers)

If you have Windows 10 Home on your device, you can upgrade to Windows 10 Pro for an additional cost. For more info, see Upgrade Windows 10 Home to Windows 10 Pro .

Not sure which version of Windows you have? See Which Windows operating system am I running?

If you're not sure which Surface model you're using, see Which Surface model do I have? 

Note:  You can upgrade your Surface Pro 7 to Windows 11. For more info, see  Windows 11 System Requirements .

Surface Pro 7 features

Work your way.

Transform Surface Pro 7 from a tablet to a laptop with the Kickstand and Surface Signature Type Cover. Use the USB-C and USB-A ports to connect to displays, docking stations, and your accessories. 

Next-gen power for your ideas

Surface Pro 7 uses the 10th-generation Intel® Core™ processor with configuration options up to 16GB of RAM and 1TB of SSD. With Fast Charging, all-day battery, and Instant On, you can get back to work wherever you go. 

Express yourself

Surface Pro 7 is available in Platinum and Matte Black, and you can get a Surface Pro Signature Type Cover in new colors. Music sounds crisp and clear with the Dolby Audio Premium sound. When you're on your next call or using voice dictation, take advantage of the dual-far-field Studio Mics. 

Do more with the Windows you know

Enjoy familiar features like Windows Hello sign-in and Microsoft Edge. Get Microsoft 365 to create your best work and store it safely in OneDrive.

Make it your own

Learn more about the optional accessories that work with your Surface Pro 7. 

Surface Pen

Surface Signature Type Cover

Surface Arc Mouse

Surface Dock 

Surface Pro 7 Tech specs

* Some software and accessories sold separately.

[1] Battery life  Surface Pro 7: Up to 10.5 hours of battery life based on typical Surface device usage. Testing conducted by Microsoft in September 2019 using preproduction software and preproduction Intel® Core™ i5, 256GB, 8 GB RAM device. Testing consisted of full battery discharge with a mixture of active use and modern standby. The active use portion consists of (1) a web browsing test accessing 8 popular websites over multiple open tabs, (2) a productivity test utilizing Microsoft Word, PowerPoint, Excel and Outlook, and (3) a portion of time with the device in use with idle applications. All settings were default except screen brightness was set to 150nits with Auto-Brightness disabled. Wi-Fi was connected to a network. Battery life varies significantly with settings, usage and other factors.

[2] Weight not including Type Cover.

[3] System software uses significant storage space. Available storage is subject to change based on system software updates and apps usage. 1 GB = 1 billion bytes. 1 TB = 1,000 GB. See  Surface.com/Storage  for more details.

[4] Available colors for accessories, Type Cover (sold separately), and Surface Pro 7 may vary by market and configuration.

[5] Requires Microsoft 365 subscription.

[6] Microsoft’s Limited Warranty is in addition to your consumer law rights.

Get the most out of your Surface

Learn more about your Surface and customize it with the Surface app. To open it, select Start , enter Surface , and select it to open the app. If the app doesn't open, get it from the Microsoft Store .

Open the Surface app

Related topics

Which Surface model do I have? 

Which Windows operating system am I running?

Need more help?

Want more options.

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Find solutions to common problems or get help from a support agent.

Online support

Was this information helpful?

Thank you for your feedback.