Whitelisting CQG's ports and IPs in your Windows VPS firewall can help improve connection stability and reduce interruptions — especially during high-volume trading hours.
Follow the steps below to create both inbound and outbound rules using Windows Defender Firewall with Advanced Security.
Video Guide:
Step 1: Open Windows Defender Firewall
On your VPS, search for and open:
Windows Defender Firewall with Advanced Security
In the left sidebar, you’ll see options for Inbound Rules and Outbound Rules
Step 2: Whitelist Ports 31654
Go to Inbound Rules
Click New Rule → choose Port → click Next
Select TCP and enter:
31654
4. Select Allow the connection → click Next
5. Apply to all profiles (Domain, Private, Public)
6. Name the rule: CQG Ports
7. Click Finish
Step 3: Outbound Rule (Ports)
Repeat the same steps above under Outbound Rules
→ Name the rule: CQG Ports (Outbound)
Step 4: Whitelist CQG IP Addresses (Inbound Rule)
Still under Inbound Rules, click New Rule
Select Custom, then click Next
Navigate to the Scope tab
Under “Remote IP address,” select These IP addresses
Click Add, and input each of the following IPs one by one:
208.48.16.130
5. Under Protocol and Ports, leave default (Any) → click Next
6. Under Action, select Allow the connection → click Next
7. Apply to all profiles → click Next
8. Name the rule:
CQG - Inbound IPs
9. Click Finish
Here is the matching Outbound Rule section for whitelisting CQG IPs:
Step 5: Whitelist CQG IP Addresses (Outbound Rule)
Go to Outbound Rules, click New Rule
Select Custom, then click Next
Go to the Scope tab
Under “Remote IP address,” select These IP addresses
Click Add, and enter each of the following IPs one by one:
208.48.16.130
4. Under Protocol and Ports, leave as default (Any) → click Next
5. Under Action, choose Allow the connection → click Next
6. Apply to all profiles → click Next
7. Name the rule:
CQG - Outbound IPs
8. Click Finish
Step 6: Confirm Rules Are Active
After adding the rules:
Open the Firewall rule list under Inbound and Outbound Rules.
Ensure the new rules are listed and enabled (green checkmarks).
Restart your platform and test connectivity to confirm improvements.
Pro Tip: Use this PowerShell Script to Automated the Entire Process
# ===============================
# CQG Firewall Whitelist Script
# ===============================
# Run as Administrator
Write-Host "Creating Windows Firewall rules for CQG..." -ForegroundColor Cyan
# --- Step 2: Inbound Port 31654 ---
New-NetFirewallRule -DisplayName "CQG Port (Inbound)" `
-Direction Inbound -Action Allow -Protocol TCP -LocalPort 31654 `
-Profile Domain,Private,Public
# --- Step 3: Outbound Port 31654 ---
New-NetFirewallRule -DisplayName "CQG Port (Outbound)" `
-Direction Outbound -Action Allow -Protocol TCP -LocalPort 31654 `
-Profile Domain,Private,Public
# --- Step 4 & 5: Whitelist CQG IP (Inbound & Outbound) ---
$cqgIPs = @(
"208.48.16.130"
)
foreach ($ip in $cqgIPs) {
# Inbound IP rule
New-NetFirewallRule -DisplayName "CQG - Inbound IP $ip" `
-Direction Inbound -Action Allow -RemoteAddress $ip `
-Profile Domain,Private,Public -Protocol Any
# Outbound IP rule
New-NetFirewallRule -DisplayName "CQG - Outbound IP $ip" `
-Direction Outbound -Action Allow -RemoteAddress $ip `
-Profile Domain,Private,Public -Protocol Any
}
Write-Host "✅ CQG Firewall Rules have been successfully created." -ForegroundColor Green