Configure Your Firewall for Microsoft ActiveSync

Security Applications Disrupt ActiveSync

Along with the standard error messages displayed when ActiveSync fails to synchronise your data, various other elements can come into play that prevent a successful sync.

For instance your firewall can prevent Microsoft ActiveSync from establishing a connection with your Windows Mobile device, while parental control utilities can also impact on the successful synching of data. These are of course both vital utilities to the secure running of many PCs – uninstalling either or both of these types of application isn't a long-term solution.

There are ways of overcoming disruptions from firewalls and parental controls, however.

Firewall Disruptions

Firewall applications for desktop PCs block network traffic and secure ports from incoming network traffic. ActiveSync uses the TCP protocol to transfer data between your PC and your Windows Mobile device – when a firewall blocks this transfer, the synchronisation fails.

To overcome this, you need to add the ActiveSync applications into the firewall applications list of exceptions – programs that are allowed access to the wider network or the internet.

In many cases this should be a straightforward process and in other cases there will be no issue as the firewall software automatically recognises the ActiveSync application and allows access – however some firewalls don't, such as:

  • Sygate Personal Firewall
  • TrendMicro PC-cillin Internet Security 2005
  • Norton Personal Firewall
  • Zone Alarm Security Suite
  • McAfee Personal Firewall
  • Windows Firewall
  • BlackICE Firewall

In order to get ActiveSync working successfully with these firewalls, you will need to add the three ActiveSync processes to the firewall exceptions list:

  • Wcesmgr.exe
  • Wcescomm.exe
  • Rapimgr.exe

(These are typically found in C:\Program Files\Microsoft ActiveSync).

Once added to the exceptions list of your firewall software, these three components of ActiveSync should then successfully connect your PC and Windows Mobile device for trouble-free syncing.

(In extreme cases, Inbound TCP and Outbound TCP ports used for communication may also need to be opened in your firewall configuration:

  • Inbound TCP:
    • 990
    • 999
    • 5678
    • 5721
    • 26675
  • Outbound UDP:
    • 5679

You may need to check your firewall user guide to check how to open ports for a particular application as this function is often hidden away to avoid accidental use.)

Parental Controls

Used to prevent access to inappropriate websites for minors, parental control software blocks network traffic to specific designated IP addresses and URLs. They are very similar to corporate website filtering tools, and often run between the operating system and the Windows applications to monitor network traffic.

As such, ActiveSync communication between your Windows Mobile device and PC can be affected by parental control software, causing difficulties in establishing and/or maintaining a connection.

Resolving this issue usually requires an upgrade of your ActiveSync version to 4.5, or failing this disabling your parental controls whenever you need to sync your device.

This post is part of the series: Troubleshooting ActiveSync Connection Issues

This series looks at the various ActiveSync connectivity problems and their causes.
  1. Guide to Firewall Configuration for Microsoft ActiveSync