If you want to take control over FW settings please disable automatic FW configuration by changing that key in server.cfg:
# Enable the server to automatically configure the firewall for all
# the configured services. On platforms that don’t support adding
# the specific executables to a white list, the needed ports are
# added at server startup and removed at server shutdown, or when,
# at run-time, a new port is needed. The default value is 1.
#
# 1: Enabled. NoMachine opens the required ports in the firewall.
#
# 0: Disabled. Firewall must be configured manually. By default
# the required ports are TCP ports 4000 for NX, 4080 and 4443
# for HTTP and UDP ports in the range 4011-4999 range.
#
#EnableFirewallConfiguration 1