Configuring Windows XP SP2 firewall and NFS


September 2004 | Back to drobe.co.uk | Contact

Paul Stewart explains how to configure the Windows XP Service Pack 2 firewall to work with the NFS setup previously described on drobe.co.uk.

With the release of the mammoth service pack 2 for Windows XP, Microsoft has strived to perform a major update to Windows XP on the security front. One the new features is the new Windows firewall.

Whilst this was a much needed update for Windows, it does cause NFS users a slight problem. With the Windows Firewall enabled, by default you will not be able to connect to your NFS server. However it is possible to fix this by adjusting the settings of the Windows firewall. To do so, follow the instructions below. Please note, all these instructions are to be performed on your Windows XP workstation.

Screenshot of the Windows Security Centre
Figure 1: The Windows XP security centre

Screenshot of the 'change scope' window
Figure 2: The 'change scope' window

Instructions

  1. Open up the Windows Security Centre, by navigating through Start->Programs->Accessories->System Tools->Security Center.
  2. Click on Windows Firewall (see figure 1). This is located to the bottom of the window.
  3. You will now be presented with the Windows firewall window. Click on the Exceptions tab. This is the second tab in at the top of the window.
  4. From the Exceptions tab, click the second button in from the bottom left. This should be the "Add Port.." button.
  5. You need to add 3 UDP ports: mountd, nfs, portmapper. The screenshots below show how to configure these.
  6. For the mountd port, the port name is 'mountd' and the port number is '810'.
  7. Click on the "Change scope..." button. The change scope window will now open, as per figure 2.
  8. Select the scope you want this port to cover. For most users, it will be prudent to select "My network (subnet) only". This means only computers local to your network can be trusted to access the NFS server.
  9. Repeat steps 6, 7 and 8 for the remaining two ports: NFS and Portmapper. Figures 3, 4 and 5 are the screen shots of the "Edit a Port" windows and show the required information for each port.

Screenshot of the port edit window
Figure 3: mountd is UDP port 810

Screenshot of the port edit window
Figure 4: NFS is UDP port 2049

Screenshot of the port edit window
Figure 5: Portmapper is UDP port 111