You may want to occasionally reset Windows firewall settings or rules to clear any unused entries there in the aftermath of malware attack and removal, or when some of the networking features don’t work due to misconfiguration of Windows Firewall.
Windows Firewall comes with predefined Inbound and Outbound connection rules for built-in programs and services. In addition, applications create additional custom firewall rules as necessary. But, over a period, some of those custom firewall exceptions (rules) may become obsolete, as the user may uninstall the corresponding programs from the system.
This article tells how to backup your existing Windows Firewall rules, and then restore the default rules or settings — using Windows Firewall (with Advanced Security) console or using Netsh.exe command-line.
Screenshots in this article are taken from a Windows 10 PC. However, information in this article applies to all versions of Windows, from Windows Vista through Windows 10. The Windows Firewall (with Advanced Security) menu options or placement may slightly vary in Windows Vista and Windows 7, though.
Table of Contents
- Opening Windows Firewall (with Advanced Security) console
- Backup and Restore Windows Firewall Rules Using GUI
- Backup and Restore Windows Firewall Rules Using Netsh Command
- Reset Windows Firewall Settings (or Rules) Using GUI
- Reset Windows Firewall Settings (or Rules) Using Netsh Command
- Reset Windows Firewall Settings (or Rules) Using PowerShell
- Unrecoverable Windows Firewall error (0x3) when resetting, and the “Fix”
You can start Windows Firewall (with Advanced Security) console launching “wf.msc” from the Run dialog (WinKey + R).
In Windows Firewall (with Advanced Security) console, select the top most item “Windows Firewall with Advanced Security on Local Computer” in the left pane.
Right-click on it and click “Export Policy…”. In the save dialog, mention the file name and save it. The file will have the extension .wfw (Windows Firewall – Policy file).
Likewise, you can use the “Import Policy…” option to import settings from an existing .wfw file.
To exports the current Windows Firewall settings to a file using command-line, open Command Prompt as administrator, and type:
netsh advfirewall export "d:\advfirewallpolicy.wfw"
The above command saves the current firewall settings to a file named “advfirewallpolicy.wfw” on your D:\ drive. Alter the file name and path as desired. Similarly, to import the firewall rules from an existing .wfw firewall policy file, use the “import” parameter of Netsh.exe.
In the Windows Firewall (with Advanced Security) console, select the top most item “Windows Firewall with Advanced Security on Local Computer” in the left pane.
Right-click on it, and click Restore Default Policy.
Click Yes when you see the following message.
Restoring the default policy will reset all changes to settings of Windows Firewall that you have made since Windows was installed. This may cause some programs to stop working.
If you are remotely managing this computer, the connection will be lost when default policy is restored.
Do you want to continue?
Open Command Prompt as administrator. Type the following command and press ENTER
netsh advfirewall reset
You should see the text “OK” in the output.
Start PowerShell as administrator, and run the following command to reset the Windows Firewall:
(New-Object -ComObject HNetCfg.FwPolicy2).RestoreLocalFirewallDefaults()
After resetting, some programs will ask you to add firewall exceptions in order for them to work correctly. Here is a Windows Security alert screenshot showing message “Windows Firewall has blocked some features of this app” when launching Google Chrome.
All you need to do is click “Allow access” if you want to let the program access the internet.
You may sometimes receive the following errors when resetting Windows Firewall:
The following error may be shown (in Windows Firewall with Advanced Security):
And the Netsh command-line shows a similar error when resetting the Firewall:
Fix for unrecoverable error 3 (0x3) when resetting Windows Firewall
The above error(s) occur if the registry key that stores the default Windows Firewall rules set is missing — malware may have wiped out the key. To restore the Windows Firewall rules template, download w10_firewall_default_rules.zip (for Windows 10), unzip and run the enclosed REG file.
This restores the required entries under the following registry key:
After applying the REG file, try resetting the Windows Firewall again.
Hope that the information in this article helped. Let’s know your comments.
About the author
Ramesh Srinivasan founded Winhelponline.com back in 2005. He is passionate about Microsoft technologies and has a vast experience in the ITeS industry — delivering support for Microsoft's consumer products. He has been a Microsoft MVP [2003 to 2012] who contributes to various Windows support forums.