How to Set Windows Firewall Rules for TRIOS 3, TRIOS 4, and TRIOS 5

How to Set Windows Firewall Rules for TRIOS 3, TRIOS 4, and TRIOS 5

14/02/2025

Introduction

In some cases, institutions, large clinics, or even individual dental practices with an IT department may have network security settings, such as firewall configurations, controlled by group policies or managed directly by the IT department. That is why we provide detailed documentation on the network requirements for Unite, which can be found here: Unite Network Connections.

For obvious reasons, we cannot require customers to disable their firewall. However, the necessary ports and addresses for scanner traffic can be whitelisted, allowing the scanners to function properly even with the firewall enabled.

If you have referred to this article as a troubleshooting measure for an issue like 'Scanner not connecting', please consider the following: If Windows Firewall is disabled on the system, all firewall rules (inbound and outbound) are effectively ignored. This means that before following the step-by-step process in this article, you should first check the status of the firewall. If it is disabled and the scanner is still not connecting, the firewall is not the cause of the problem, making this article irrelevant for that specific scenario.

The same logic applies in reverse. If the firewall is enabled, support can temporarily disable it for testing purposes (if possible). If the scanner connects after disabling the firewall, this confirms that the firewall is the root cause. However, the firewall must be re-enabled afterward, and this article should be followed to create the necessary rules based on the scanner model.

 

 

Firewall Rules for TRIOS 3 Wired, TRIOS 3 Wireless, and TRIOS 4 Connections

The following rules are required to prevent any issues with these scanners:

Port Protocol Encryption Examples of IP addresses Unite I Unite II Unite III
23796 (SMORP) TCP SMORP is a secure proprietary protocol

10.33.3.1 

(fixed IP) 
192.168.1.42 (dynamic IP)
21 (FTP), 80 (HTTP) TCP, FTP, HTTP None 10.33.3.1 (fixed IP) 
192.168.1.42 (dynamic IP)
58220-58230 (local) or dynamic UDP None 10.33.3.3 (fixed IP) 
192.168.1.42 (dynamic IP)

Therefore, since the first two share the same protocol and addresses, it is possible to create a single rule that includes ports 21, 80, and 23796, as follows:

  1. Open “Windows Defender Firewall with Advanced Security”.
  2. Locate the Inbound and Outbound Rules sections in the left panel.
    A screenshot of a computer AI-generated content may be incorrect.
  3. Click “Inbound Rules” to select it. The right panel of the window will display several actions:
    A screenshot of a computer AI-generated content may be incorrect.
  4. Click “New Rule…” to open the Rule Wizard window.
    Select “Custom” as the rule type.
  5. Click “Next”, and in the Program section, ensure that “All programs” is selected.
    A screenshot of a computer program AI-generated content may be incorrect.
  6. Click “Next”, and in the Protocol and Ports section, select “TCP” as the Protocol type. For both local and remote ports, select “Specific Ports” and enter 21, 80, 23796 in both fields.
    A screenshot of a computer AI-generated content may be incorrect.
  7. Click “Next” and in the Scope section, select “These IP addresses” for both local and remote IPs. Then, click “Add…” and a smaller window will appear, allowing you to enter the desired IP address—in this case, 10.33.3.1
    A screenshot of a computer AI-generated content may be incorrect.
    Repeat this process for both local and remote IP addresses.
  8. Click "Next" and ensure that the action “Allow the connection” is selected.
    A screenshot of a computer AI-generated content may be incorrect.
  9. Click "Next" and ensure that all three profiles (Domain, Private, and Public) are selected.
    A screenshot of a computer AI-generated content may be incorrect.
  10. Click “Next” and set a name for the rule. The name is purely visual and will not affect the rule's functionality. “3Shape TRIOS 3 & 4 TCP” is a good example. Click “Finish” to complete the process.
    A screenshot of a computer AI-generated content may be incorrect.

Once finished, proceed to create the exact same rule in “Outbound Rules” following the same step-by-step process. Just keep in mind that, in step 8, when creating the Outbound Rule, “Block the connection” may sometimes be selected by default. We do not want that, so make sure to switch it to “Allow the connection”.

The rule for ports 58220-58230 must be created separately because the protocol is different. Therefore, proceed as follows:

  1. Repeat steps 1 through 6 from the step-by-step process used for the first rule. When you reach the Protocol and Ports section, select “UDP” as the Protocol type. The specific ports should be set to 58220-58230
  2. Click “Next” and add the same IP address (10.33.3.1) used in the first rule for both local and remote IP addresses.
    A screenshot of a computer AI-generated content may be incorrect.
  3. Click “Next” and ensure that “Allow the connection” is selected as the action.
    A screenshot of a computer AI-generated content may be incorrect.
  4. Click “Next” and ensure that all three profiles (Domain, Private, and Public) are selected.
    A screenshot of a computer AI-generated content may be incorrect.
  5. Click “Next” and set a name for the rule. The name is purely visual and does not affect the rule’s functionality. “3Shape TRIOS 5 UDP” is a good example. Click “Finish” to complete the process.
    A screenshot of a computer AI-generated content may be incorrect.

Once finished, proceed to create the exact same rule in “Outbound Rules” following the same step-by-step process. Keep in mind that, in step 3, “Block the connection” may sometimes be selected by default when creating the Outbound Rule. We do not want that, so make sure to switch it to “Allow the connection”.

Firewall rules for TRIOS 5 connection

The only relevant port required for TRIOS 5 traffic is as follows:

Port Protocol Encryption Unite I Unite II Unite III
23796 (SMORP) TCP SMORP is a secure proprietary protocol

To create the firewall rule using the information shown above, proceed as follows:

  1. Open “Windows Defender Firewall with Advanced Security”.
  2. Locate the Inbound and Outbound Rules sections in the left panel.
    A screenshot of a computer AI-generated content may be incorrect.
  3. Click “Inbound Rules” to select it. The right panel of the window will display several actions:
    A screenshot of a computer AI-generated content may be incorrect.
  4. Click “New Rule…” to open the Rule Wizard window.
  5. For the rule type, select “Port”.
    A screenshot of a computer AI-generated content may be incorrect.
  6. Click "Next" and in the Protocol and Ports section, select “TCP” and enter 23796 in the Specific local ports field, as shown in the rule.
    A screenshot of a computer AI-generated content may be incorrect.
  7. Click “Next” and ensure that “Allow the connection” is selected as the action.
    A screenshot of a computer AI-generated content may be incorrect.
  8. Click “Next” and ensure that all three profiles (Domain, Private, and Public) are selected.
    A screenshot of a computer AI-generated content may be incorrect.
  9. Click “Next” and set a name for the rule. The name is purely visual and will not affect the rule’s functionality. “3Shape TRIOS 5” is a good example. Click “Finish” to complete the process.
    A screenshot of a computer AI-generated content may be incorrect.

Once finished, proceed to create the exact same rule in “Outbound Rules” following the same step-by-step process. Keep in mind that, in step 7, when creating the Outbound Rule, “Block the connection” may sometimes be selected by default. We do not want that, so make sure to switch it to “Allow the connection”.

Once the rules are created, a system restart may not always be necessary, depending on the system. However, if the scanner is still not detected, a restart is highly recommended.

Was this article helpful?

Give feedback about this article