Ephemeral Port Question



We're working with a new application intended to secure Windows clients. You can think of the application as a software firewall. We have defined rules and we're using the ephemeral ports 49152 - 65535. This has worked fine on most systems, but we are getting some computers that have the older ephemeral range of 1025 - 65535. All systems are Windows 7 and Windows 2012 and up so they should be using the default ephemeral range of 49152 - 65535. Do you have any idea why this range would be different on some systems? Do software applications change this range? We have used the netsh command on 2 systems to change the range back to 49152 - 65535 from the older range. Do you foresee any problems long term by shrinking the range? As I said we have changed it on a couple systems without any issues so far.

 

netsh int ipv4 show dynamicport tcp - will show your ephemeral range.

netsh int ipv4 set dynamicport tcp start=49152 num=16384 - to set to new range

 

Link to comment
Share on other sites

You should consider the full range 1025–65535, since an application could use any of those ports that are not currently being used by some other application.
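
An added example, not part of the original thread: a PowerShell check that reads the dynamic port range for each stack and protocol with the netsh show command quoted in the question and flags any that differ from 49152-65535, computing the end port as start + number of ports - 1. It assumes English netsh output labels; the function names and the sample output are constructed for illustration.

```powershell
# Added example. Assumption: English netsh labels ("Start Port", "Number of Ports").
$ExpectedStart = 49152
$ExpectedEnd   = 65535

function ConvertFrom-DynamicPortOutput {
    param([string[]]$Lines)
    $start = $null; $count = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*Start Port\s*:\s*(\d+)')      { $start = [int]$Matches[1] }
        if ($line -match '^\s*Number of Ports\s*:\s*(\d+)') { $count = [int]$Matches[1] }
    }
    if ($null -eq $start -or $null -eq $count) { return $null }
    # netsh reports a start and a count; the last port is start + count - 1.
    New-Object PSObject -Property @{ Start = $start; Count = $count; End = $start + $count - 1 }
}

function Test-DynamicPortRange {
    param([string]$Stack, [string]$Protocol, [string[]]$Lines)
    $r = ConvertFrom-DynamicPortOutput -Lines $Lines
    if ($null -eq $r) {
        # Output did not contain both fields (localized OS, error text, ...).
        return New-Object PSObject -Property @{
            Stack = $Stack; Protocol = $Protocol; Start = $null; End = $null; Status = 'PARSE_ERROR' }
    }
    $ok = ($r.Start -eq $ExpectedStart) -and ($r.End -eq $ExpectedEnd)
    New-Object PSObject -Property @{
        Stack = $Stack; Protocol = $Protocol; Start = $r.Start; End = $r.End
        Status = $(if ($ok) { 'OK' } else { 'MISMATCH' }) }
}

# Constructed sample: what a host with the older 1025-65535 range would print.
$sample = @(
    'Protocol tcp Dynamic Port Range',
    '---------------------------------',
    'Start Port      : 1025',
    'Number of Ports : 64511'
)
Test-DynamicPortRange -Stack 'sample' -Protocol 'tcp' -Lines $sample   # Status: MISMATCH

# Live check of every stack/protocol pair; TCP and UDP ranges are set separately.
if (Get-Command netsh -ErrorAction SilentlyContinue) {
    foreach ($stack in 'ipv4', 'ipv6') {
        foreach ($proto in 'tcp', 'udp') {
            $out = & netsh int $stack show dynamicport $proto
            Test-DynamicPortRange -Stack $stack -Protocol $proto -Lines $out
        }
    }
}
```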
