Hope the following MSFT reference helps:
Windows 11 blocks APO communication (WSH related)
Hello there!
Seems like I'm missing some important change of Windows 11 Firewall.
We have an application that consists of 2 parts: a Windows application (APP) and an audio processing object (APO). They communicate with each other through a gRPC client-server model on localhost - works like a charm on Windows 8 and 10.
However, on Windows 11, the APO port (127.0.0.1:10000) is "FILTERED" by the firewall. The APO part cannot connect to APP, and APP cannot connect to APO (connection failed, deadline exceeded, etc.).
It only became apparent after I switched to Port Query tool, because netstat was showing this port as "LISTENING".
I've tried:
- enabling Firewall logging and confirming that connection is dropped (but why?)
- adding inbound/outbound rules for this port, adding our app and AudioDG.exe (which loads our APO) to the exception list - no luck.
- turning firewall off for all profiles via Windows settings - same result.
But if I disable firewall the hard way (through mpssvc's "START" registry key value) - everything starts working again, port is open and "LISTENING".
Am I missing something obvious, or are there new security rules that have to be applied to an APO DLL on Windows 11? Is there any way to create an exception for our APO?
Thanks in advance!
EDIT:
By doing additional WFP logging, it turned out that there's a blocking filter:
ID = 79647
Name = "WSH Default Inbound Block"
Description = "Blocks all inbound traffic for services who have been network hardened".
It seems like this rule overrides any inbound allowing rule I create.
How can one make an exception from this filter?
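
The correlation described in the EDIT above (a dropped connection traced back to a named WFP filter), as an added example that is not part of the original post. It assumes XML exports from `netsh wfp show netevents` and `netsh wfp show filters`; the embedded XML is constructed and simplified, the element names are assumed from those exports, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed, simplified samples shaped like the netsh WFP exports (assumed
# element names); only the filter ID, name and description come from the post.
NETEVENTS_XML = """<netEvents>
  <item>
    <header><localAddrV4>127.0.0.1</localAddrV4><localPort>10000</localPort></header>
    <type>FWPM_NET_EVENT_TYPE_CLASSIFY_DROP</type>
    <classifyDrop><filterId>79647</filterId><layerId>44</layerId></classifyDrop>
  </item>
  <item>
    <header><localAddrV4>127.0.0.1</localAddrV4><localPort>5357</localPort></header>
    <type>FWPM_NET_EVENT_TYPE_CLASSIFY_ALLOW</type>
  </item>
</netEvents>"""

FILTERS_XML = """<wfpdiag><filters>
  <item>
    <displayData>
      <name>WSH Default Inbound Block</name>
      <description>Blocks all inbound traffic for services who have been network hardened</description>
    </displayData>
    <filterId>79647</filterId>
  </item>
</filters></wfpdiag>"""

def filter_index(filters_xml):
    """Map filterId -> (name, description) from a filters export."""
    index = {}
    for item in ET.fromstring(filters_xml).iter("item"):
        fid = item.findtext("filterId")
        if fid is not None:  # nested <item> elements (conditions) carry no filterId
            index[int(fid)] = (item.findtext("displayData/name"),
                               item.findtext("displayData/description"))
    return index

def blocking_filters(netevents_xml, filters_xml, port):
    """Return (id, name, description) for each CLASSIFY_DROP on a local port."""
    index, hits = filter_index(filters_xml), []
    for ev in ET.fromstring(netevents_xml).iter("item"):
        if (ev.findtext("type") != "FWPM_NET_EVENT_TYPE_CLASSIFY_DROP"
                or ev.findtext("header/localPort") != str(port)):
            continue
        fid = int(ev.findtext("classifyDrop/filterId"))
        # A filter removed between the two exports is reported, not skipped.
        hits.append((fid,) + index.get(fid, ("<not in export>", None)))
    return hits
```

Resolving the filter ID to its display name shows whether a drop comes from a user-created firewall rule or from a system-provided filter such as the one named in the post.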