Ask the Community
Groups
Enable UDP on Windows for Firewall Log Analyzer - Connect IT Community | Kaseya
<main> <article class="userContent"> <h2 data-id="allowing-inbound-udp-traffic">Allowing inbound UDP traffic</h2> <h3 data-id="overview">Overview</h3> <p>RocketCyber's Firewall Log Analyzer is architected to eliminate the need of shipping hardware or deploying complex software. To facilitate the collection of firewall telemetry, UDP 514 is the recommended protocol/port. It is very common that the configuration of Windows Firewall has this blocked, therefore the Firewall Analyzer app has been designed to automatically add an inbound rule for the configured Port and Protocol to allow traffic in. If you are using another host based firewall you should consult the documentation on how to allow this traffic. If your just curious about manually configuring the rule, read on.</p> <h3 data-id="configuration">Configuration</h3> <p>To allow Inbound UDP 514 on your Windows host as the syslog server, see steps below:</p> <h4 data-id="windows-10"><strong>Windows 10</strong></h4> <ol><li> Go to <strong>Control Panel</strong> --> <strong>Systems and Security</strong> --> <strong>Windows Defender Firewall</strong> </li> <li>Select <strong>Allow an App through Windows Firewall</strong> </li> <li>Select<strong> Advanced Settings</strong> --><strong> Inbound Rules</strong> </li> <li>Create a <strong>New Rule</strong> </li> <li> <strong>Port </strong>(click <em>next</em>) --> <strong>UDP</strong> </li> <li>Specify port <strong>514</strong> (click <em>next</em>)</li> <li> <strong>Allow Connection</strong> (click <em>next</em>)</li> <li> <strong>Rule Applies</strong> should have { Domain, Public, Private } all checked (click <em>next</em>)</li> <li>Name this rule "<strong>RocketCyber Syslog</strong>"</li> <li>Click <strong>Finish</strong> </li> </ol> </article> </main>