Optimal WIndows 10 firewall setting for Teams desktop app?

Occasional Contributor

I've 95% sure that, at least in our environment, the Teams desktop app isn't setting Windows 10 firewall rules optimally, probably due to locking down the build.


When staff start video in Teams desktop, they see a one-off message that WIndows 10 firewall has blocked certain features of the application. I'm assuming this is Teams trying to use UDP on high ports for it's preferred protocol(s).


What are the Windows 10 firewall rules needed to optimist performance of the Teams desktop app?


NB I've already followed MSFT guidance on optimizing the network on boundary firewalls etc.

6 Replies
Hi Calum,

Here is the URL's and IP address ranges for Teams

Hope that helps. Let me know how you get on.

Best, Chris
best response confirmed by Calum Steen (Occasional Contributor)



That is described in this article.
When users initiate a call using the Microsoft Teams client for the first time, they might notice a warning with the Windows firewall settings that asks for users to allow communication. Users might be instructed to ignore this message because the call will work, even when the warning is dismissed.  Windows Firewall configuration will be altered even when the prompt is dismissed by selecting “Cancel”. Two inbound rules for teams.exe will be created with Block action for both TCP and UDP protocols.


You should be able add these block rules with an Group Policy that you deploy to your client computers.


There is also a Uservoice request to remove this warning, go in and vote for it to get some attention from Microsoft.


Thanks for this. I've just posted on uservoice that it would be really neat if Teams didn't do whatever it's doing to trigger the firewall prompt ( is the user doesn't have admin rights. I assume one can test if a UAC prompt would be triggered without actually triggering it?

@Linus Cansby How exactly do we create a firewall rule for a user profile based exe via gpo?  firewall rules are machine based-  this is a user based path.  

@Helios Comms did you get a response from Microsoft about this? I am having the same issue and cannot figure out how to exclude teams from the firewall. I tried to exclude Teams by creating wild cards, it just doesn't work and I still get the same alert.





non of these work.

No, never got a resolution so our ticket is still open! It's going to raise it's ugly head again soon as we're about to remove admin rights for normal users. Might not be a problem as we're also going down the Windows image route as well so the firewall might be configured in the image.