Chris De Herrera's Windows CE Website

Discuss.Pocket PC FAQ Forum

Add Pocket PC FAQ to your Favorites
RSS    RSS Feeds
Wiki    Lost?
Custom Search
Subscribe    Print
Table of Contents
Mobile Format

PDA Gold


Pocket PC Magazine Best Site

Website Awards
Website Updates

By Chris De Herrera 
Copyright 1998-2007
 All Rights Reserved
A member of the Talksites Family of Websites

Windows and Windows CE are trademarks of Microsoft
and are used
under license from owner.
CEWindows.NET is not
associated with Microsoft 

All Trademarks are owned
by their respective companies.

Configuring Windows XP, Service Pack 2's Firewall and ActiveSync 3.x
By Chris De Herrera, Copyright 2004
 Version 1.01  Revised 10/3/2004

Shop unique and cheap iPhone cases on

The following explains how to configure Windows XP, Service Pack 2's firewall to work with Microsoft ActiveSync.  Also, included is the ability to change the configuration to control what hosts ActiveSync is able to communicate with for additional security.  I tested Windows XP, Service Pack 2's Firewall with Microsoft ActiveSync v3.7.1, Microsoft Outlook 2002, and a HP iPAQ 6315 Windows Mobile 2003.  This information should work with all versions of ActiveSync 3.x and all Mobile Devices including the Smartphone and Handheld PC.

Initial Firewall Configuration

When you first launch ActiveSync you will see a message like this:

If you click on the Unblock button you will be able to use ActiveSync with Windows XP, Service Pack 2's Firewall.  If you click on Keep Blocking you will not be able to use ActiveSync.

Checking/Changing the Firewall Settings

You can confirm whether or not ActiveSync is allowed through the firewall by clicking on Start - Control Panel - Security Center - Windows Firewall and then the Exceptions tab.  You will see the screen below:

If ActiveSync is not listed then launch ActiveSync and close and reopen the Windows Firewall.

When it is configured to allow access it will look like this:

You must make sure that the check box next to ActiveSync Connection Manager in order to use ActiveSync.  Also, you must make sure that File and Printer Sharing is checked in order to synchronize via a network connection (Wi-Fi, Ethernet or Modem).

Securing ActiveSync using the Firewall

You can limit the systems that ActiveSync is able to connect to by customizing the security settings for ActiveSync in the Firewall settings.  Click on Start - Control Panel - Security Center - Windows Firewall and then the Exceptions tab.

Then click on the ActiveSync Connection Manager and click the Edit button.

Then click on the Change Scope button.  This is the default screenshot.

Click on the Custom list and enter:
This will prevent ActiveSync from accessing the internet and your network however it will allow USB, IR and serial connections.  If you want to sync via your LAN then enter the ip address of your network and the subnet. You can find these in your connection by clicking on the Support Tab for the connection.

While specifying specific hosts that ActiveSync can communicate with allows for more security, this is an incomplete security solution.  The Windows XP, Service Pack 2 firewall does not allow users to control what ports an application uses so we cannot prevent ActiveSync from using your PC as a proxy for your Pocket PC.  Further the firewall only monitors incoming requests from the internet so any outgoing request is allowed.


Now you can ensure that Windows XP, Service Pack 2 is not interfering with your use of ActiveSync.  Further you can use the additional control to specify what hosts ActiveSync is able to communicate with.

Click to Visit Pocket PC Talk

Return to Chris De Herrera's Windows CE Website