Configure the firewall

Sym3 Operator is using different port to communicate with client applications. By default, all ports should be blocked by the firewall.

Option 1: Create a rule for Sym3 Operator (Recommended) Manu

Open the Windows Defender Firewall application (Windows Key + “Firewall”)
Click on “Advanced Settings”
Click on Inbound Rules

Sym3 Operator Web

Create a new Inbound Rule
Select Port
Click Next
Set Specific local ports: 4031
Click Next
Select Allow the connection
Click Next
Give a name to the rule, for example Sym3 Operator Web

Or from the Command Prompt:

netsh advfirewall firewall add rule name="Sym3 Operator Web" dir=in action=allow protocol=TCP localport=4031

Sym3 Operator Service

Create a new Inbound Rule
Select Port
Click Next
Set Specific local ports: 20000,20005,27000,20031
Click Next
Select Allow the connection
Click Next
Give a name to the rule, for example Sym3 Operator Service

Or from the Command Prompt:

netsh advfirewall firewall add rule name="Sym3 Operator Service" dir=in action=allow protocol=TCP localport=20000,20005,27000,20031

Sym3 Alarm Service

Create a new Inbound Rule
Select Port
Click Next
Set Specific local ports: 20010,20011,20012,20013,20021
Click Next
Select Allow the connection
Click Next
Give a name to the rule, for example Sym3 Alarm Service

Or from the Command Prompt:

netsh advfirewall firewall add rule name="Sym3 Alarm Service" dir=in action=allow protocol=TCP localport=20010,20011,20012,20013,20021

Sym3 Replay Service

Create a new Inbound Rule
Select Port
Click Next
Set Specific local ports: 25000,25500-25550
- 25000 is the connection and controlling port
- 25500 to 25550: range of websocket ports. Each replay connection will use one port. You can fine tune this range based on the number of maximum connection that your license has. 25500 is the starting port. So the range will be from 25500 to 25500 + MaxReplayConnectionFromLicense - 1
Click Next
Select Allow the connection
Click Next
Give a name to the rule, for example Sym3 Replay Service

Or from the Command Prompt:

netsh advfirewall firewall add rule name="Sym3 Replay Service" dir=in action=allow protocol=TCP localport=25000,25500-25550

Sym3 Auth Server

Create a new Inbound Rule
Select Port
Click Next
Set Specific local ports: 6050,6051
Click Next
Select Allow the connection
Click Next
Give a name to the rule, for example Sym3 Auth Service

Or from the Command Prompt:

netsh advfirewall firewall add rule name="Sym3 Alarm Service" dir=in action=allow protocol=TCP localport=6050,6051

Option 2: Disable the firewall (Not Recommended)

You can decide to totally disable the firewall. This is not safe and it is NOT the recommended way.

Open the Windows Defender Firewall application (Windows Key + “Firewall”)
Click on “Turn Windows Defender Firewall on or off”

Here is how to do it from a Command Prompt:

:: Turn OFF the firewall
netsh advfirewall set allprofiles state off

:: Turn ON the firewall
netsh advfirewall set allprofiles state on

Full CLI script

To be executed as administrator using cmd.exe

::-- Delete previous rules if required
netsh advfirewall firewall delete rule name="Sym3 Operator Web"
netsh advfirewall firewall delete rule name="Sym3 Operator Service"
netsh advfirewall firewall delete rule name="Sym3 Alarm Service"
netsh advfirewall firewall delete rule name="Sym3 Replay Service"
netsh advfirewall firewall delete rule name="Sym3 Auth Server"

::-- Create new rules
netsh advfirewall firewall add rule name="Sym3 Operator Web" dir=in action=allow protocol=TCP localport=4031
netsh advfirewall firewall add rule name="Sym3 Operator Service" dir=in action=allow protocol=TCP localport=20000,20005,27000,20031
netsh advfirewall firewall add rule name="Sym3 Alarm Service" dir=in action=allow protocol=TCP localport=20010,20011,20012,20013,20021
netsh advfirewall firewall add rule name="Sym3 Replay Service" dir=in action=allow protocol=TCP localport=25000,25500-25550
netsh advfirewall firewall add rule name="Sym3 Auth Server" dir=in action=allow protocol=TCP localport=6050,6051