Millions of Internet users across the globe are using VPNs to encrypt and secure their data while keeping their browsing anonymous online.

VPNs also help users bypass geo-restrictions and unblock content from sites they otherwise wouldn’t be able to access, while anonymous.

However, many of these users face difficulties when trying to install and/or launch their VPN client on Windows, and usually, it is blocked by a firewall or other security software in place.

If you experience your VPN block issues by Windows firewall, in most cases it is a default setting, but there are ways to get around it and get connected again. Use the solutions below to do this.

What can I do if my VPN got blocked by Windows firewall?

  1. Add an exclusion
  2. Change Allow app settings
  3. Change adapter settings
  4. Create a new inbound rule
  5. Enable rule for PPTP
  6. Open ports
  7. Turn off SSL monitoring
  8. Change your VPN

1. Add an exclusion

  1. Open Windows Defender Security Center
  2. Go to Virus & Threat protection settingswindows defender virus protection
  3. Select Exclusions
  4. Select Add or remove exclusions
  5. Select Add an exclusion and add your VPN client software

Note: Most VPN clients use ports 500 and 4500 UDP, and port 1723 for TCP. If these don’t work, add a new rule to allow them in Windows Firewall Advanced settings.

You want to check if your firewall is blocking the VPN? Follow the simple steps from this guide to find out.

2. Change Allow app settings

VPN blocked by windows firewall

  • Select System & Security

VPN blocked by windows firewall

  • Click Windows Defender Firewall

VPN blocked by windows firewall

  • On the left pane, click Allow an app or a feature through Windows Firewall. A window in which you can allow or prevent any app will display

VPN blocked by windows firewall

  • Click Change Settings

VPN blocked by windows firewall

  • Check for your VPN from the list of programs and apps you want to allow through your firewall
  • Check Public or Private to select the network type on which you want the VPN to run
  • If you cannot find your VPN, click Allow another app
  • Select your VPN and then click Add, then click OK

You can’t open Control Panel? Take a look at this step-by-step guide to find a solution.

3. Change adapter settings

  • Open Control Panel and select Network & Internet

VPN blocked by windows firewall

  • Select Network and Sharing Center

VPN blocked by windows firewall

  • On the left pane, click Change adapter settingsVPN blocked by windows firewall
  • Click File
  • Select New incoming connection
  • Select all users you want to access your VPN connection
  • Check Through the Internet
  • Click Next
  • From the list of protocols, mark the Internet protocols you want your VPN to connect to
  • Double click Internet Protocol Version 4 (TCP/IPv4)
  • Go to Control Panel again and select Windows Firewall

VPN blocked by windows firewall

  • Click Advanced Settings

VPN blocked by windows firewall

  • Click Inbound Rules>Actions

VPN blocked by windows firewall

  • Click New Rule

VPN blocked by windows firewall

  • In the Wizard, choose Port and click Next. Most VPN clients use ports 500 and 4500 UDP, and port 1723 for TCP. You can use TCP and insert 1723 in Specific remote ports field

VPN blocked by windows firewall

  • Click Next
  • Select Allow the connection and click Next

VPN blocked by windows firewall

  • When asked ‘When does this rule apply?’ select all options (Domain, Private, Public) and apply the rule to all
  • Choose a name and description to fill the Name and Description
  • Click Finish

4. Create a new inbound rule

  • Open Windows firewall with advanced security
  • Click inbound rules on the left
  • Click New rule on the right
  • Click Custom rule
  • Specify programs or leave as all programs
  • Specify ports or leave as all ports
  • Click “These IP addresses” under remote IP
  • Click “This IP address range”
  • Type From “” To “”
  • Close and click Next, then leave as “Allow the connection”
  • Apply to all profiles
  • Name your profile and click Finish

You should then be able to connect to your home devices through your VPN

Your VPN is not working after a Windows 10 update? Don’t worry, we’ve got the right solution for you.

5. Enable rule for PPTP

If your VPN requires PPTP, do the following:

  • Open Control Panel
  • Select Windows Firewall
  • Select Advanced Settings

VPN blocked by windows firewall

  • Search for the ‘Routing and Remote Access‘ under Inbound Rules and Outbound Rules. For Inbound Rules: right-click ‘Routing and Remote Access (PPTP-In)’, select Enable Rule. For Outbound Rules: right-click ‘Routing and Remote Access (PPTP-Out)’, select Enable Rule.

6. Open ports

In order to allow your VPN traffic to pass through the firewall, open the following ports:

  • IP Protocol=TCP, TCP Port number=1723 – used by PPTP control path
  • IP Protocol=GRE (value 47) – used by PPTP data path
  • Make sure that these ports are allowed on Windows Firewall with corresponding network profile.
  • DO NOT configure RRAS static filters if you are running on the same server RRAS based NAT router functionality. This is because RRAS static filters are stateless and NAT translation requires a stateful edge firewall like ISA firewall.
  • In general, VPN error 807 indicates that the network connection between your computer and the VPN server was interrupted. This also can be caused by a problem in the VPN transmission and is commonly the result of internet latency or simply that your VPN server has reached capacity. Try to reconnect to the VPN server.

Need more info on how to open firewall ports in Windows 10? Follow this simple guide and learn how to do it easily.

7. Turn off SSL monitoring

Depending on your firewall or security software, there are steps to take to fix VPN blocked by Windows firewall. Here’s what to do if you’re using NOD32 or Kaspersky:


  • Select Setup
  • Select Advanced Setup
  • Select Antivirus and antispyware
  • Select Web access protection
  • Select HTTP, HTTPS > HTTP scanner setup, and set HTTPS filtering mode to Do not use HTTPS protocol checking.

Note: If HTTPS filtering mode is greyed out, you must first set Antivirus and antispyware > Protocol filtering > SSL to Always scan SSL protocol. Restore this to its previous setting after changing HTTPS filtering mode.


  • Select Settings
  • Select Traffic Monitoring panel
  • Select Port Settings or settings
  • Select Network
  • Select Port Settings and uncheck the box for port 443/SSL

8. Change your VPN

You can also change your VPN and see if it resolves the issue. A great VPN you can use is CyberGhost.

CyberGhost VPN’s servers all have optical fiber internet connections with very high data speeds, which makes it a fast VPN for Windows operating system, besides its powerful features and performance.

It is a favorite among the best VPN software for laptops as it not only protects your privacy on a multi-platform privacy solution.

Features include the highest encryption available with 256-bit encryption technology, hiding of your IP, Wi-Fi protection if in a public area, a strict no logs policy that doesn’t track your internet activity, multiplatform apps for all your devices, security for transactions and conversations, plus access to over 1000 VPN servers in more than 30 of the most popular countries.

The benefits of using CyberGhost include access to restricted content, protection for all your devices, ad blocking, and malware blocking.

Need more options? Check out this list with the best VPNs available today.

Any luck fixing VPN blocked by Windows firewall using the solutions above? Share with us by leaving a comment in the section below.

Also, leave there any other suggestions or questions that you may have and we’ll be sure to check them out.


Editor’s Note: This post was originally published in April 2018 and has been since completely revamped and updated for freshness, accuracy, and comprehensiveness.