The Windows Filtering Platform has blocked a bind to a local port

If you see error event 5152, 5157, and/or 5159 being logged on your Windows 2008 Server(s) which shows a connection has been blocked or a packet has been dropped.
The Process ID will indicate which application was blocked in task manager.  You can see the process ID in task manager by clicking on the view menu inside of task manager and selecting the "Select Columns..." menu item, and putting a check in the "PID (Process Identifier)" checkbox and clicking the OK button.

Enforcement of firewall rules are done by Windows Filtering Platform through enabled filters from the firewall policy. 

Additionaly, you can enable Windows Filtering Platform auditing and monitor the event viewer to see what is happening in Windows Filtering Platform while you reproduce the action that caused the error for further troubleshooting.

The following commands to turn off the Windows Filtering Platform can be run from a command prompt that is run as an administrator:

auditpol /set /subcategory:"Filtering Platform Packet Drop" /success:disable /failure: disable
auditpol /set /subcategory:"Filtering Platform Connection" /success: disable /failure: disable
auditpol /set /subcategory:"IPsec Driver" /success:disable /failure:disable
auditpol /set /subcategory:"IPsec Main Mode" /success:disable /failure:disable
auditpol /set /subcategory:"IPsec Quick Mode" /success:disable /failure:disable
auditpol /set /subcategory:"IPsec Extended Mode" /success:disable /failure:disable

The following commands to turn on the Windows Filtering Platform can be run from a command prompt that is run as an administrator:

auditpol /set /subcategory:"Filtering Platform Packet Drop" /success:enable /failure:enable
auditpol /set /subcategory:"Filtering Platform Connection" /success:enable /failure:enable
auditpol /set /subcategory:"IPsec Driver" /success:enable /failure:enable
auditpol /set /subcategory:"IPsec Main Mode" /success:enable /failure:enable
auditpol /set /subcategory:"IPsec Quick Mode" /success:enable /failure:enable
auditpol /set /subcategory:"IPsec Extended Mode" /success:enable /failure:enable

Was this answer helpful?

 Print this Article

Also Read

Blank or Black Screen after Welcome Screen

If after logging into a server or workstation you receive a blank or black screen directly after...

Account for the SQL Server Agent Service

Agent runs as a specified user account. You select an account for the SQL Server Agent service by...