Firewall rules for Microsoft ActiveSync

This article provides information about the firewall rules needed for Microsoft ActiveSync. It also gives instructions on how to configure the firewall to allow Microsoft ActiveSync.

Microsoft ActiveSync uses the following applications for the communication:
  • Wcesmgr.exe
  • Wcescomm.exe
  • Rapimgr.exe

To configure the firewall, go to the Application Control settings and allow the above applications to act as a client and a server to allow connections between your computer and the mobile device.

Microsoft ActiveSync uses the following ports for the communication:
  • Inbound TCP:
    • 990
    • 999
    • 5678
    • 5721
    • 26675
  • Outbound UDP:
    • 5679

Make sure that these ports are not blocked before the dynamic Application Control rules in your firewall rule list. ActiveSync creates a private personal area network 169.254.2.0/24 for the device and the virtual network adapter so you can limit open connections to this range.

Note: The connection might not work if the active firewall ruleset specifically denies something that ActiveSync needs. For example, the incoming TCP and UDP traffic is denied separately in home and mobile profiles before Application Control rules.

Pricing & Product Info

For product info and pricing please go to the F-Secure product page

Version history
Revision #:
18 of 18
Last update:
‎11-10-2019 06:48 AM
Updated by: