Appendix 16. Using command-line tools
In Windows Server Core mode, because there is no graphical interface, you must configure Windows Firewall through the command line.
6.1 Enabling a program
netsh advfirewall firewall add rule name= "My application" Dir=in action=allow program= "C:\MyApp\MyApp.exe" Enable=yes
netsh advfirewall firewall add rule name= "My application" Dir=in action=allow program= "C:\MyApp\MyApp.exe" Enable=yes rem Oteip=157.60.0.1,172.16.0.0/16,localsubnet Profile=domain
6.2 Enabling ports
netsh advfirewall firewall add rule name= "Open Port" Dir=in action=allow protocol=tcp localport=80
6.3 Remove an enabled program or port
netsh advfirewall firewall delete rule name= rule name program= "C:\MyApp\MyApp.exe"
netsh advfirewall firewall delete rule name= rule name protocol=udp localport=500
6.4 Configuring ICMP
netsh advfirewall firewall add rule name= "ICMP allow incoming V4 echo request" Protocol=icmpv4:8,any Dir=in Action=allow
netsh advfirewall firewall add rule name= "all ICMP V4" Protocol=icmpv4:any,any dir=in Action=allow
netsh advfirewall firewall add rule name= "Block Type ICMP V4" Protocol=icmpv4:13,any dir=in Action=block
6.5 Logging Settings
netsh advfirewall set currentprofile logging filename%systemroot%\system32\logfiles\firewall\pfirewall.log
netsh advfirewall set currentprofile logging maxfilesize 4096
netsh advfirewall set currentprofile logging droppedconnections enable
netsh advfirewall set currentprofile logging allowedconnections enable
6.6 Enabling, resetting the firewall
netsh advfirewall set currentprofile state on
netsh advfirewall reset
6.7 Enabling other services
netsh advfirewall firewall set rule group= "Remote Desktop" new Enable=yes
This article from "SQLServer2014 series" blog, declined reprint!
Appendix 16. Using command-line tools