Windows dynamic port range

The Trust1Connector is using 3 different network ports for communication, For the Trust1Connector by Trust1Team these are ;

  • Registry, fixed 51983 (51883 for the acceptance version)

  • API, dynamically assigned

  • Sandbox, dynamically assigned

In some rare cases the windows system prevents a range of TCP ports to be used by applications, this is called an exclusion range.

You can see the dynamic port range by executing the following command in a terminal

netsh int ipv4 show dynamicport tcp

The output will look like the following

Protocol tcp Dynamic Port Range
---------------------------------
Start Port      : 49152
Number of Ports : 16384

For the exclusion range you can use the following command

netsh interface ipv4 show excludedportrange protocol=tcp

This can look like the following, this can differ from your system

Protocol tcp Port Exclusion Ranges

Start Port    End Port
----------    --------
     53180       53189     *

* - Administered port exclusions.

To remove the listed port ranges from the exclusion range you can use the following command.

netsh int ipv4 delete excludedportrange protocol=tcp startport=51980 numberofports=10

This will make sure that starting of 51980 there are 10 ports allowed to be used by other applications.

In some cases you will need to stop winnat before having access to the exclusion range

After updating the exclusion range you need to restart winnat

net stop winnat // stop
net start winnat // start

If the steps above did not solve your issue you can also update the dynamic port range with the following command. This will move the port range to start from 54000 and have 10511 available ports to be used.

netsh int ipv4 set dynamic tcp start=54000 num=10511

Last updated