How to Set Windows Firewall Rules for TRIOS 3, TRIOS 4, and TRIOS 5

How to Set Windows Firewall Rules for TRIOS 3, TRIOS 4, and TRIOS 5

14/02/2025

Introduction

In some cases, institutions, large clinics, or even individual dental practices with an IT department may have network security settings, such as firewall configurations, controlled by group policies or managed directly by the IT department. That is why we provide detailed documentation on the network requirements for Unite, which can be found here: Unite Network Connections.

For scanners to function properly with the firewall enabled, the necessary port and addresses for scanner traffic should be whitelisted. 

If you have referred to this article as a troubleshooting measure for an issue like 'Scanner not connecting', please consider the following: If Windows Firewall is disabled on the system, all firewall rules (inbound and outbound) are effectively ignored. This means that before following the step-by-step process in this article, you should first check the status of the firewall. If it is disabled and the scanner is still not connecting, the firewall is not the cause of the problem, making this article irrelevant for that specific scenario.

The same logic applies in reverse. If the firewall is enabled, support can temporarily disable it for testing purposes (if possible). If the scanner connects after disabling the firewall, this confirms that the firewall is the root cause. However, the firewall must be re-enabled afterward, and this article should be followed to create the necessary rules based on the scanner model.

 

Firewall Rules for TRIOS 3 Wired, TRIOS 3 Wireless, and TRIOS 4 Connections

The following rules are required to prevent any issues with these scanners:

Port Protocol Encryption Examples of IP addresses Unite I Unite II Unite III
23796 (SMORP) TCP SMORP is a secure proprietary protocol

10.33.3.1 

(fixed IP) 
192.168.1.42 (dynamic IP)
21 (FTP), 80 (HTTP) TCP, FTP, HTTP None 10.33.3.1 (fixed IP) 
192.168.1.42 (dynamic IP)
58220-58230 (local) or dynamic UDP None 10.33.3.3 (fixed IP) 
192.168.1.42 (dynamic IP)

Therefore, since the first two share the same protocol and addresses, it is possible to create a single rule that includes ports 21, 80, and 23796, as follows:

Step 1: Open “Windows Defender Firewall with Advanced Security”.

Step 2: Locate the Inbound and Outbound Rules sections in the left panel.
A screenshot of a computer AI-generated content may be incorrect.


Step 3: Click “Inbound Rules” to select it. The right panel of the window will display several actions:
A screenshot of a computer AI-generated content may be incorrect.


Step 4: Click “New Rule…” to open the Rule Wizard window and select “Custom” as the rule type.


Step 5: Click “Next”, and in the Program section, ensure that “All programs” is selected.
A screenshot of a computer program AI-generated content may be incorrect.


Step 6: Click “Next”, and in the Protocol and Ports section, select “TCP” as the Protocol type. For both local and remote ports, select “Specific Ports” and enter 21, 80, 23796 in both fields.
A screenshot of a computer AI-generated content may be incorrect.


Step 7: Click “Next” and in the Scope section, select “These IP addresses” for both local and remote IPs. Then, click “Add…” and a smaller window will appear, allowing you to enter the desired IP address—in this case, 10.33.3.1. Repeat this process for both local and remote IP addresses.
A screenshot of a computer AI-generated content may be incorrect.
 

Step 8: Click "Next" and ensure that the action “Allow the connection” is selected.
A screenshot of a computer AI-generated content may be incorrect.


Step 9: Click "Next" and ensure that all three profiles (Domain, Private, and Public) are selected.
A screenshot of a computer AI-generated content may be incorrect.
 

Step 10: Click “Next” and set a name for the rule, such as “3Shape TRIOS 3 & 4 TCP”. The name is purely visual and will not affect the rule's functionality. Click “Finish” to complete the process.
A screenshot of a computer AI-generated content may be incorrect.


Step 11: Create the exact same rule in Outbound Rules following the same step-by-step process. Keep in mind that, in step 8, when creating the Outbound Rule, “Block the connection” may sometimes be selected by default, make sure to switch it to “Allow the connection”.

Rule for ports 58220-58230

The rule for ports 58220-58230 must be created separately because the protocol is different.

Step 1: Repeat steps 1 through 6 from the step-by-step process used for the first rule. When you reach the Protocol and Ports section, select “UDP” as the Protocol type. The specific ports should be set to 58220-58230


Step 2: Click “Next” and add the same IP address (10.33.3.1) used in the first rule for both local and remote IP addresses.
A screenshot of a computer AI-generated content may be incorrect.


Step 3: Click “Next” and ensure that “Allow the connection” is selected as the action.
A screenshot of a computer AI-generated content may be incorrect.


Step 4: Click “Next” and ensure that all three profiles (Domain, Private, and Public) are selected.
A screenshot of a computer AI-generated content may be incorrect.


Step 5: Click “Next” and set a name for the rule, such as “3Shape TRIOS 5 UDP”. The name is purely visual and does not affect the rule’s functionality. Click “Finish” to complete the process.
A screenshot of a computer AI-generated content may be incorrect.


Step 6: Create the exact same rule in “Outbound Rules” following the same step-by-step process. Keep in mind that, in step 3, “Block the connection” may sometimes be selected by default when creating the Outbound Rule, make sure to switch it to “Allow the connection”.

Firewall rules for TRIOS 5 connection

The only relevant port required for TRIOS 5 traffic is as follows:

Port Protocol Encryption Unite I Unite II Unite III
23796 (SMORP) TCP SMORP is a secure proprietary protocol

To create the firewall rule using the information shown above, proceed as follows:

Step 1: Open Windows Defender Firewall with Advanced Security.

Step 2: Locate the Inbound and Outbound Rules sections in the left panel.
A screenshot of a computer AI-generated content may be incorrect.


Step 3: Click “Inbound Rules” to select it. The right panel of the window will display several actions:
A screenshot of a computer AI-generated content may be incorrect.


Step 4: Click “New Rule…” to open the Rule Wizard window.

Step 5: For the rule type, select “Port”.
A screenshot of a computer AI-generated content may be incorrect.
 

Step 6: Click "Next" and in the Protocol and Ports section, select “TCP” and enter 23796 in the Specific local ports field, as shown in the rule.
A screenshot of a computer AI-generated content may be incorrect.


Step 7: Click “Next” and ensure that “Allow the connection” is selected as the action.
A screenshot of a computer AI-generated content may be incorrect.


Step 8: Click “Next” and ensure that all three profiles (Domain, Private, and Public) are selected.
A screenshot of a computer AI-generated content may be incorrect.


Step 9: Click “Next” and set a name for the rule, such as “3Shape TRIOS 5”. The name is purely visual and will not affect the rule’s functionality. Click “Finish” to complete the process.
A screenshot of a computer AI-generated content may be incorrect.

Step 10: Create the exact same rule in “Outbound Rules” following the same step-by-step process. Keep in mind that, in step 7, when creating the Outbound Rule, “Block the connection” may sometimes be selected by default. We do not want that, so make sure to switch it to “Allow the connection”.

Once the rules are created, a system restart may not always be necessary, depending on the system. However, if the scanner is still not detected, a restart is highly recommended.

Contact 3Shape Support if you have any further questions.

Was this article helpful?

Give feedback about this article

Related Articles