Thread 'schannel: disabled automatic use of client certificate - part 3 (with schannel: next InitializeSecurityContext failed: CRYPT_E_REVOCATION_OFFLINE (0x80092013))'

lmhiggins1

Joined: 17 Apr 25
Posts: 2
Message 116714 - Posted: 24 Aug 2025, 6:24:05 UTC

Background
The thread started with https://boinc.berkeley.edu/forum_thread.php?id=15411&postid=115085 noted a similar problem while contacting Rosetta@Home and CPUGrid. I created a second thread with a proposed solution, https://boinc.berkeley.edu/forum_thread.php?id=15513&postid=116053#116053, because the first thread looks like it was locked with no solution. I've created this third thread to provide an updated solution for this issue because my second thread is locked now.

My Windows 10 Pro machine, now running BOINC v8.2.4, continues to download work and upload results after applying the solution offered in the second thread. After I applied Microsoft's monthly Windows 11 update for May 2025, the issue captured in the title and detailed in the second thread reappeared on my Windows 11 Pro machine, then running BOINC v8.2.1. The second thread's solution did not fix the reawakened issue. NOTE: Neither machine has BOINC installed as a service.

Solution Summary (Details below TLDR):
I wrote a Windows Defender Firewall remote outbound rule for the BOINC Client, boinc.exe, for comms using TCP through ports 80 and 443.

Ever since my son infected my Win95 beige box with the first ad drive-by rootkit install, I've been a bit paranoid about web security. So I added what could be argued unnecessary local inbound and outbound firewall rules for the BOINC Client and a local outbound rule for the BOINC Manager for Windows, boincmgr.exe. The three rules allow local device comms using TCP through ports 1043 (legacy) and 41316 with the remote IP addresses restricted to the loop-back IP address 1.0.0.127. Like I said, I'm paranoid.

Details: Instructions for the Non-Technical to Set Up and Test the Firewall Rules
A. On a Windows machine, BOINC internet access may be blocked by the Windows Defender Firewall, which is apparently a common occurrence on new installations or after system updates. The firewall prevents BOINC from communicating with project servers to download and upload work.

B. Confirming Windows Firewall is the source of your issue.
As a test, you can temporarily turn off Windows Firewall to confirm it is the source of the issue. (Warning: This should only be done temporarily for troubleshooting and on a trusted private network).
1. In the Firewall & network protection menu, click on your private network profile (e.g., Private network).
2. Turn the Microsoft Defender Firewall off.
3. Test BOINC's internet access.
3.1. Open BOINC Manager.
3.2. Select all of the projects on the Projects tab of BOINC Manager.
3.3. Select the Update button in the Command left pane.
3.4. Let BOINC process all project update requests.
3.5. Confirm that BOINC Manager removed "No internet access" from the Notices tab.
4. After testing, be sure to turn the firewall back on.

C. To resolve the Windows Firewall issue you need minimally to manually add one (1) remote outbound rule for the BOINC client's remote internet access over TCP via ports 80 (HTTP) and 443 (HTTPS). For the paranoid who want a stronger lockdown, add three (3) additional local inbound and outbound rules to Windows Firewall for BOINC applications' local communications over TCP via ports 1043 (legacy) and 31416.
1. How to allow BOINC through the Windows Firewall:
1.1. Open Windows Defender Firewall with Advanced Security.
1.1.1. Search for Windows Defender Firewall with Advanced Security in the Start Menu.
1.1.2. Open the app with Administrator privileges.
1.2. Create a remote-specific outbound rule allowing the BOINC Client, boinc.exe, internet access through the firewall:
1.2.1. In the Windows Defender Firewall with... left pane, select Outbound Rules. In the Actions right pane, select New Rule... . A wizard opens with Rule Type: as the first of multiple steps in the right pane.
1.2.2. Rule Type: Select Custom. Select Next.
1.2.3. Program: Select This program path. Select Browse and navigate to your BOINC installation folder (typical default C:\Program Files\BOINC). There select the executable boinc.exe. Select Next.
1.2.4. Protocol and Ports: Select TCP for the Protocol type. Let Local port: default to All Ports. Set Remote port: to Specific Ports and then in the entry box that opens below enter 80, 443. Select Next.
1.2.5. Scope: Keep the Any IP Address option selected for both the local and remote IP addresses radio button groups. Select Next.
1.2.6. Action: Select Allow the connection. Select Next.
1.2.7. Profile: Keep the Domain, Private, and Public checkboxes selected. Select Next.
1.2.8. Name: Give the rule a descriptive name in the Name: field, like BOINC Client (boinc.exe) Remote Outbound. Enter a descriptive phrase in the Description (optional): field, like Remote TCP connections via ports 80 (HTTP) and 443 (HTTPS). Select Finish.
1.3. Create a local-specific outbound rule allowing the BOINC Client, boinc.exe, local access to the BOINC Manager, boincmgr.exe, through the firewall. The rule specifies the communication protocol and ports and locks down the remote scope to the loopback address.
1.3.1. In the Windows Defender Firewall with... left pane, select Outbound Rules. Select New Rule... in the Actions right pane.
1.3.2. Rule Type: Select Custom. Select Next.
1.3.3. Program: Select This program path. Select Browse and navigate to your BOINC installation folder (typical default C:\Program Files\BOINC). There select the executable boinc.exe. Select Next.
1.3.4. Protocol and Ports: Select TCP for the Protocol type. Set Local port: to Specific Ports and then in the entry box that opens below enter 1043, 31416. Let Remote port: default to All Ports. Select Next.
1.3.5. Scope: Keep the Any IP Address option selected for the Which local IP addresses... radio button group. Select These IP addresses for the Which remote IP addresses... radio button group. Select the now enabled Add button. Type 127.0.0.1 in the entry box that the Add button opened, and select OK. You can also add the local subnet IP addresses here if needed, but the loop-back address, 127.0.0.1, is the most secure for on-device communication.
1.3.6. Action: Select Allow the connection. Click Next.
1.3.7. Profile: Keep the Domain, Private, and Public checkboxes selected. Select Next.
1.3.8. Name: Give the rule a descriptive name in the Name: field, like BOINC Client (boinc.exe) Local Outbound. Enter a descriptive phrase in the Description (optional): field, like Local TCP connection via ports 1043 (legacy) and 31416. Select Finish.
1.4. Create a local-specific inbound rule allowing the BOINC Client, boinc.exe, to receive local communication from the BOINC Manager, boincmgr.exe, through the firewall. The rule specifies the communication protocol and ports and locks down the remote scope to the loopback address.
1.4.1. In the Windows Defender Firewall with... left pane, select Inbound Rules. Select New Rule... in the Actions right pane.
1.4.2. Rule Type: Select Custom. Select Next.
1.4.3. Program: Select This program path. Select Browse and navigate to your BOINC installation folder (typical default C:\Program Files\BOINC). There select the executable boinc.exe. Select Next.
1.4.4. Protocol and Ports: Select TCP for the Protocol type. Set Local port: to Specific Ports and then in the entry box that opens below enter 1043, 31416. Let Remote port: default to All Ports. Select Next.
1.4.5. Scope: Keep the Any IP Address option selected for the Which local IP addresses... radio button group. Select These IP addresses for the Which remote IP addresses... radio button group. Select the now enabled Add button. Type 127.0.0.1 in the entry box that the Add button opened, and select OK. You can also add the local subnet IP addresses here if needed, but the loop-back address, 127.0.0.1, is the most secure for on-device communication.
1.4.6. Action: Select Allow the connection. Click Next.
1.4.7. Profile: Keep the Domain, Private, and Public checkboxes selected. Select Next.
1.4.8. Name: Give the rule a descriptive name in the Name: field, like BOINC Client (boinc.exe) Local Inbound. Enter a descriptive phrase in the Description (optional): field, like Local TCP connection via ports 1043 (legacy) and 31416. Select Finish.
1.5. Create a local-specific outbound rule allowing the BOINC Manager, boincmgr.exe, local access to the BOINC Client, boinc.exe, through the firewall. The rule specifies the communication protocol and ports and locks down the remote scope to the loopback address.
1.5.1. In the Windows Defender Firewall with... left pane, select Inbound Rules. Select New Rule... in the Actions right pane.
1.5.2. Rule Type: Select Custom. Select Next.
1.5.3. Program: Select This program path. Select Browse and navigate to your BOINC installation folder (typical default C:\Program Files\BOINC). There select the executable boincmgr.exe. Select Next.
1.5.4. Protocol and Ports: Select TCP for the Protocol type. Set Local port: to Specific Ports and then in the entry box that opens below enter 1043, 31416. Let Remote port: default to All Ports. Select Next.
1.5.5. Scope: Keep the Any IP Address option selected for the Which local IP addresses... radio button group. Select These IP addresses for the Which remote IP addresses... radio button group. Select the now enabled Add button. Type 127.0.0.1 in the entry box that the Add button opened, and select OK. You can also add the local subnet IP addresses here if needed, but the loop-back address, 127.0.0.1, is the most secure for on-device communication.
1.5.6. Action: Select Allow the connection. Click Next.
1.5.7. Profile: Keep the Domain, Private, and Public checkboxes selected. Select Next.
1.5.8. Name: Give the rule a descriptive name in the Name: field, like BOINC Manager (boincmgr.exe) Local Outbound. Enter a descriptive phrase in the Description (optional): field, like Local TCP connection via ports 1043 (legacy) and 31416. Select Finish.
2. Reboot your computer to ensure that the new firewall exceptions take effect.
3. Test BOINC's internet access as in paragraph B WITHOUT disabling Windows Firewall.
3.1. If BOINC has internet access, you are done.
3.2. If Windows Firewall is still blocking BOINC internet access, then you have one, or more, additional issues that I did not have and my solution does not address.

ID: 116714
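
The rule set from steps 1.2 to 1.5 of the post above, scripted with the built-in NetSecurity cmdlets and then read back for checking. This is an added example, not part of the original post or of BOINC: names, ports and the 127.0.0.1 scope are transcribed from the post, each rule's direction follows its name, and the install folder is assumed to be the default the post mentions.

```powershell
#Requires -RunAsAdministrator
# Added example: the four rules from steps 1.2-1.5, values transcribed from the post.
# Assumption: BOINC is installed in the default folder the post mentions.
$boincDir  = 'C:\Program Files\BOINC'
$localDesc = 'Local TCP connection via ports 1043 (legacy) and 31416'

$rules = @(
    @{ DisplayName = 'BOINC Client (boinc.exe) Remote Outbound'
       Description = 'Remote TCP connections via ports 80 (HTTP) and 443 (HTTPS)'
       Direction   = 'Outbound'; Program = "$boincDir\boinc.exe"
       RemotePort  = '80', '443' }
    @{ DisplayName = 'BOINC Client (boinc.exe) Local Outbound'
       Description = $localDesc
       Direction   = 'Outbound'; Program = "$boincDir\boinc.exe"
       LocalPort   = '1043', '31416'; RemoteAddress = '127.0.0.1' }
    @{ DisplayName = 'BOINC Client (boinc.exe) Local Inbound'
       Description = $localDesc
       Direction   = 'Inbound'; Program = "$boincDir\boinc.exe"
       LocalPort   = '1043', '31416'; RemoteAddress = '127.0.0.1' }
    @{ DisplayName = 'BOINC Manager (boincmgr.exe) Local Outbound'
       Description = $localDesc
       Direction   = 'Outbound'; Program = "$boincDir\boincmgr.exe"
       LocalPort   = '1043', '31416'; RemoteAddress = '127.0.0.1' }
)

foreach ($r in $rules) {
    # A program-scoped rule for a missing path would silently match nothing.
    if (-not (Test-Path -LiteralPath $r.Program)) {
        Write-Warning "Skipping '$($r.DisplayName)': $($r.Program) not found"
        continue
    }
    # Remove an earlier copy first so re-running does not stack duplicate rules.
    Get-NetFirewallRule -DisplayName $r.DisplayName -ErrorAction SilentlyContinue |
        Remove-NetFirewallRule
    New-NetFirewallRule @r -Protocol TCP -Action Allow -Profile Domain, Private, Public |
        Out-Null
}

# Read every BOINC rule back: program, ports and remote scope as the firewall stores them.
Get-NetFirewallRule -DisplayName 'BOINC *' | ForEach-Object {
    $port = $_ | Get-NetFirewallPortFilter
    $addr = $_ | Get-NetFirewallAddressFilter
    $app  = $_ | Get-NetFirewallApplicationFilter
    [pscustomobject]@{
        Rule       = $_.DisplayName; Direction = $_.Direction; Enabled = $_.Enabled
        Program    = $app.Program;   LocalPort = $port.LocalPort -join ','
        RemotePort = $port.RemotePort -join ','
        RemoteAddr = $addr.RemoteAddress -join ','
    }
} | Format-Table -AutoSize -Wrap
```

The read-back table is the part worth keeping: a rule whose RemoteAddr column shows Any where 127.0.0.1 was intended, or whose Program path differs from the installed binary, is visible there at a glance.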
Dave
Help desk expert

Joined: 28 Jun 10
Posts: 2991
United Kingdom
Message 116715 - Posted: 24 Aug 2025, 8:24:03 UTC

because the first thread looks like it was locked with no solution.
Threads are automatically locked after a certain time frame with no further posts to them. My memory suggests 6 months but it may be longer.
ID: 116715

Copyright © 2025 University of California.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.