Firewall Exception

During a full server installation, Procare attempts to create firewall exceptions within the Windows Firewall on your main computer. These exceptions allow Procare client computers (those that run Procare) to connect to the main Procare computer where the data is stored. Occasionally exceptions need to be added manually, especially within third party security applications.

Third-Party Security Applications

Procare Support is able to assist with the Windows Firewall only. We cannot assist with third-party security applications such as Norton, McAfee, Kaspersky, Kamodo, etc. During the troubleshooting process you may be asked to deactivate or uninstall your third-party security application.

Network Type

Microsoft Windows helps protect your system by specifying the type of network your computer is connected to. There are multiple types including: Public, Private, Work, and Home. Although the Procare installer attempts to add Firewall Exceptions to the Windows Firewall, it is restricted from adding them to the “Public” network type.

If your system is assigned to a Public Network, you have two options:

• Add the Program Exceptions below to the Public Network within Windows Firewall.
• Change the network type from Public to either Private, Work, or Home.

Note: Procare technicians cannot change your network type; you or your computer tech will need to make that change. See: Change Network Type for Windows 10

Program Exceptions

Most of the time Program Exceptions are sufficient to allow Procare network communication between the workstations and server. Please verify/add the following exceptions to ALL Network Types:

SQL Express Database

• Program Exception #1 – Named “Procare Database Server Engine – SQL”
  • Procare Version 10.2.6614 and higher (uses SQL Express 2014) “C:\Program Files\Microsoft SQL Server\MSSQL12.PROCARE\MSSQL\Binn\sqlservr.exe”
  • Procare Version 10.2.6541 and lower (uses SQL Express 2008) “C:\Program Files\Microsoft SQL Server\MSSQL10.PROCARE\MSSQL\Binn\sqlservr.exe”
  • Program Exception #2 – Named “SQL Browser”
    • 64-bit “C:\Program Files(x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe”
    • 32-bit “C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe”

Procare Licensing Service

• Program Exception – Named “Procare Licensing Service”
  • 32 or 64-bit “C:\Program Files\Procare\Server\Procare.Licensing.Service.exe”

File and Print Sharing

• File and Print Sharing must be allowed for effective network communication.

Port Exceptions

In some cases Port Exceptions must be set to allow Procare network communication. Most often this is due to hardware firewalls, server operating systems, and/or complex network configurations.

• Procare Licensing (service): TCP 2020 and UDP 2021
• SQL Server Browser: UDP 1434
• SQL Server (PROCARE): dynamic TCP port number using the SQL Browser to resolve it – unless statically assigned, locally. The starting point for the port assignment is usually TCP 1433, but it could vary if that port is unavailable.

Setting Firewall Exceptions for Windows 10 as the Procare Server

You will need to create two Inbound Rules for the Procare ports, one for TCP and one for UDP ports. Follow all the steps in order, first for the TCP ports, then repeat the steps from the beginning for the UDP ports.

1. Go to the Start > Control Panel > System & Security > Windows Firewall.
   

2. Click Advanced Settings on the left, then click Inbound Rules.
   

3. On the right side, under Actions, choose New Rule.
   

4. Select Port and click Next.
   

5. Both ports can be defined at once for each Inbound Rule, TCP or UDP. The screen below is for the TCP ports 1433, 2020. Click Next.
   

Note: The screen shot below shows the UDP ports 1434,2021 to create when setting up the second inbound rule. You’ll do this part the second time through these steps.

6. Important! Make sure you click Allow the connection to open the ports for all operating systems older than Windows 10/Vista. Click Next.
   

7. This Rule Applies to Domain, Private, and Public.
   

8. Name the TCP rule something like “Procare TCP Ports 1433,2020” and the UDP rule “Procare UDP 1434,2021” and click Next.
   

9. Return to step 2 above to create the inbound rule for UDP ports.

10. Once you have setup both rules, you’re done. Close the window.