Norton blocking port 22434

Norton 360 for Windows
,
1

hello, I have ollama working on docker that is using port11434. “1http://127.0.0.1:11434”. I have tailscale setup to point to my pc. but Norton is blocking this port. this only port that I cannot reach via tailscale. When I turn of the firewall it works. I have tried everything to allow this port . There is a setting some where to allow this or we cannot because Norton is just not the best

2

Edited by: SA

Can you post a screenshot of the block within your Norton History for review? Thanks in advance.

SA

3

no blocking messages , just the changes I made.

image
image859×262 12.9 KB

4

Wondering if this info may help!! From what I view Norton isn’t blocking Tailscale. Can you assist us with specifics of the rule you created for Ollama as well?

SA

5

The only setting within the Norton firewall I can recommend checking is below.

checking blocked devices in firewall
checking blocked devices in firewall1010×674 85.4 KB

SA

6

allowed TCP 11434 , in and out, ip blank. I tired with tailscale ip as well . I even did a test , I forwarded the port from 11434 to 8080 and port 8080 works. traffice passes.. norton is blocking port 11434

7

Norton’s Smart Firewall commonly blocks Port 11434 because it is the default port for Ollama, an AI model runner that uses local network connections which can appear suspicious to standard security rules.

If you prefer not to open the port for the entire system, you can limit the rule to just the application (e.g., ollama.exe):

=================================

If forwarding to port 8080 works but 11434 remains blocked despite your rule, Norton is likely triggering a deeper security layer or failing to prioritize your custom rule over a hidden “default block” for that specific high-port range.

  1. Re-Order the Rules (Priority Check)
    In Norton 360 v26, rules are processed from top to bottom. Even if you created an “Allow” rule, a broader “Block” rule higher in the list will override it.
  • Go back to Smart Firewall > Traffic Rules.
  • Locate your “Allow 11434” rule.
  • Use the Move Up arrows to place it at the absolute top (index 0 or 1).
  • Click Apply or Save.
  1. Disable “Automatic Program Control”
    Norton’s Automatic Program Control can sometimes supersede manual port rules if it doesn’t “trust” the application using the port (like ollama.exe).
  • In the Smart Firewall settings, find the General tab.
  • Toggle Automatic Program Control to Off.
  • When prompted, choose “Until I turn it on again.”
  • Try the connection. If it works, you need to manually set the specific program to “Allow” in the Program Control tab.
  1. Check Intrusion Prevention (IPS)
    Norton often flags AI tools or unusual port traffic as a “potential attack” rather than a simple firewall issue.
  • Go to Settings > Intrusion Prevention.
  • Check the Intrusion Exclusions or IPS History. If you see 11434 being blocked here, it’s because Norton thinks the traffic pattern looks like an exploit.
  • Add an exclusion for your local IP or the Tailscale IP range within the Intrusion Prevention settings.
  1. Restart the Host Network Service (Windows Specific)

If you are on Windows, the port might be “locked” by the OS itself in a way that interferes with Norton’s filtering.

  • Open Command Prompt as Administrator.
  • Run: net stop hns then net start hns.
  • This resets the Windows Host Network Service, which often fixes “ghost” blocks on port 11434.
  1. Verify the “Public” vs “Private” Profile

If you are using Tailscale, Norton may classify that network as Public, while your rule might only apply to the Private or Trusted profile.

  • In your rule settings, ensure the Profile is set to All or specifically matches the profile assigned to your Tailscale adapter.

AI sourced content may make mistakes

===================================

Norton v26 uses AI-enhanced threat detection that prioritizes security on non-standard ports above 10000, which are often used by unverified services. Port 8080 is a “well-known” alternative HTTP port, so it bypasses many of the stricter behavioral checks that 11434 (used by Ollama) triggers.

  • Intrusion Prevention (IPS): This is likely the real culprit in v26. If the firewall rule exists but traffic is blocked, the IPS is flagging the “unusual” traffic pattern on 11434 as an exploit.
  • Go to Settings > Intrusion Prevention.
  • Check your Security History for any “Intrusion” alerts related to 11434.
  • If found, select Exclude Signature to stop Norton from inspecting that specific port’s traffic.
  • Zombie Processes: On Windows 11/10, an abandoned Ollama process can sometimes “hang” on the port even after a restart.
  • Open PowerShell (Admin) and run: Get-NetTCPConnection -LocalPort 11434 | Select-Object -ExpandProperty OwningProcess.
  • If a PID (Process ID) appears, run: Stop-Process -Id <PID> -Force

AI sourced content may make mistakes

8

Thanks. In the rule you created edit again and add UDP to TCP. Retest.

SA

9

Re-Order the Rules. done that already.

Disable “Automatic Program Control” you cannot disable this. Norton does not have that option.

Check Intrusion Prevention (IPS), history no blocking.

Norton may classify that network as Public, while your rule might only apply to the Private or Trusted profile

tailscale and ollama and docker is all set to all .

  • Check your Security History for any “Intrusion” alerts related to 11434. no history of blocking.

powershell already did the reset.

it only works when i turn off the firewall. if norton cannot fix this I will cancel subscription.

10

Allow | Ask

image
image741×371 70.9 KB

And you’ve documented the issue via Norton support?
What does Norton support say…?

11

I wasn’t referring to re-ordering rules but rather editing the one you created to appear something like the one below:

example new firewall rule
example new firewall rule1010×674 69.1 KB

SA

12

Hi I already tried that. I tried so many different combinations. created multiple rules as well.. You should est it on your side and see for yourself. ollama on docker on windows good luck.

13

And this suggestion makes zero difference?

AI Overview

Yes, Norton Smart Firewall can block TCP port 11434
which is commonly used by Ollama for local LLM services. Users have reported that Norton blocks traffic on this port, requiring manual configuration to allow the connection. To fix this, you may need to add a firewall rule to allow TCP 11434 traffic.

Steps to Allow Port 11434 in Norton:

  • Verify the Block: Temporarily disable the Norton Smart Firewall to confirm if the connection works.
  • Create a Firewall Rule: In Norton, go to Firewall Settings > Traffic Rules and add a rule to allow TCP port 11434 for both in and out traffic.
  • Remove Connection Blocking: If Norton has automatically blocked the app, go to Firewall > Connection Blocking and remove the rule associated with the app.

Note: If you are using Docker for Ollama, ensure your container is properly mapped (e.g., -p 11434:11434) and that Norton allows the docker process

SA

14

ollama ,docker, tailscale all mapped correctly. Norton smart firewall is not that smart. I even tried editing the apps program docker and tailscale, tried every combination of rules I can think of. adding and editing.

it is sad that i have forward my ort to another open port.

I will just have to go with another competitor

1 Like