Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Windows 7 firewall exception incoming scope rule for different subnet

17 Dec 2012   #1

Windows 7 Ultimate x64
Windows 7 firewall exception incoming scope rule for different subnet

This one problem kept my win 7 PC from being able to be pinged and share files from incoming ubuntu PC on another LAN with a different subnet.

I have 2 lans, 2 routers, each using a different range of IP.
One is on 192.168.1.x
Other is on 192.168.200.x

I have a static route to direct packets from forward LAN to the other LAN. Only thing was Windows 7 kept blocking that route UNLESS the firewall for the private network was turned off. Even if you turn on sharing, etc... Windows 7 firewall only allows for the subnet LAN it exists on.

So you have to put in a rule and change the scope
The exception is to add your local lan ip range.
For me it scope exception is

screenshot and also shows the pings from ubuntu PC on different LAN works.

Click Action, new rule, then custom, keep clicking next till you get to scope. Under Local IP, enter your LAN as I did.
Apply it and it works.

Attached Thumbnails
Windows 7 firewall exception incoming scope rule for different subnet-firewallruleworks.png  
My System SpecsSystem Spec
17 Dec 2012   #2

Windows 7 Ult, Windows 8.1 Pro,

That's good to know sdowney717, I wasn't sure if Windows could manage sharing between two different subnets but adding the subnet range to the firewall rules looks like it works pretty well for this.

You can also connect to both subnets with a single NIC by adding the secondary subnet to the advanced TCP/IP settings in IPv4 properties.
My System SpecsSystem Spec
18 Dec 2012   #3

Windows 7 Ultimate x64

Is what you mean called binding an ip to a NIC?

If so, give me an example of what I would have entered for the nic card.
(Pictures help)

The win7 PC is on
Router2 is on

Router 1 is on
WAN ip for router2 which it gets automatically from router1 is
WAN port of router2 is plugged into LAN port of router1.

I left DHCP on for both routers. I assigned a manual IP to the win7 PC.

the static route from router1 is setup as

Dest IP
Gateway IP

This lets router1 know that packets of 192.168.200.x need to go to the attached device router2 at

I had to yank a netgear router off my LAN and use a Verizon 7501 to get the static route to work. Fo some reason the WGT624v3 netgear always jumped IP when I setup a static route. I even tried forcing it manually and it would not work. Routers that dont route! Caused a lot of head scratching.

My router1 is a nice old Gateway G wireless router.
My System SpecsSystem Spec

19 Dec 2012   #4

Windows 7 Ult, Windows 8.1 Pro,

Pictures aren't really required, it's the same as setting up a static IP but you type both routes into the advanced TCP/IP settings for which ever adaptor you want to bind the subnets too.

For some reason you are saying WAN IP but the first one is a LAN IP.
WAN ip for router2 which it gets automatically from router1 is
WAN port of router2 is plugged into LAN port of router1.

Usually for dual router set up's you will want to disable DHCP on the secondary router but with your dual LAN's it might not work the same.

Normally you would plug the secondary router into the LAN port on the first router, then connect the other router's LAN port, LAN to LAN. But this would depend on what you are using the second router for.

This dual subnet network is rather strange, and I'm trying to figure out why someone would need to do this with all the available options for NTFS sharing.
My System SpecsSystem Spec

 Windows 7 firewall exception incoming scope rule for different subnet

Thread Tools

Similar help and support threads
Thread Forum
Which exception to add to Windows Firewall?
i think this one will help, i have a Play station 4 , they told me to do exception so you can find lobby when you play online, can you please tell me which exception that i need to do so i can find players to play with Thank you very much Jalal.
System Security
How to create shortcut for Windows Firewall rule (enable/disable)?
Hello, hopefully this is right subforum to start this thread :) I've googled on how to quickly and easily enable/disable single Windows Firewall rule without having to open the firewall, going into advanced options, and eventually manually finding my rule there. Best I've found was two...
System Security
Windows 7 Firewall - New Rule Disappear After Refresh ???
Hello, I have a little problem with the Win 7 Firewall Advanced settings. When I create a new rule (whatever rule, out or in, block or allow ...) the new rule appear in the middle panel list box, but if a make a refresh with the refresh option on the right panel the new rule disappear. Same...
System Security
How to Make One Exception to a Windows Firewall Outbound Rule?
The current situation: I disabled network connectivity to a particular IP on my Windows computer. In other words, if my system tries to connect to the internet through that specific IP address, it will not be able to do so. I disabled the connectivity as mentioned above, by following...
System Security
Firewall Rule: Unable to change scope for TCP and UDP rules
I am attempting to run a (legitimate) ADCH++ hub from my computer. I am trying to restrict access to few certain IP blocks. The problem that I encounter is that the auto-created firewall rules Windows creates are not able to be changed. In Windows Firewall with Advanced Security, when I attempt...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:25.
Twitter Facebook