Remote Desktop Connection doesn't seem to work with firewall turned on



G.C.
07-10-2005, 02:05 AM
Remote desktop connection used to work on machines that I've had that don't
have SP2 installed. Upon getting new machines, I can't get RDC to work.

I've tried the following things:

1) enabled Remote desktop connection and Remote assistance in Firewall.

2) enabled Remote desktop connection and Remote assistance in System
Properties under Remote tab.

3) edited
HKLM\System\CurrentControlSet\Control\TerminalServer\Winstations\RDP-Tcp\Portnumber
to change listening port to reflect a random port number within the allowed
range. For example, the machine in question used to allow incoming RDC
connections on port 3456 prior to SP2.

4) added the port number 3456 for both TCP and UDP connections in firewall.

*note Port 3456 is not the port number used, but just stated here for an
example. pretty close though.

Any other suggestions? It seems to work if we disable the SP2 firewall.

Carey Frisch [MVP]
07-10-2005, 02:05 AM
If you're running Windows XP Service Pack 2 (SP2) and you
enable Remote Desktop, Windows Firewall will be automatically
configured to allow Remote Desktop connections to your computer.
However, Remote Desktop will not work if you have Windows
Firewall configured to allow no exceptions. To allow exceptions in
Windows Firewall, in the Control Panel open the Security Center,
click Windows Firewall and clear the check box next to "Don't allow
exceptions".

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Microsoft Newsgroups

Get Windows XP Service Pack 2 with Advanced Security Technologies:
http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx

-------------------------------------------------------------------------------------------

"G.C." wrote:

| Remote desktop connection used to work on machines that I've had that don't
| have SP2 installed. Upon getting new machines, I can't get RDC to work.
|
| I've tried the following things:
|
| 1) enabled Remote desktop connection and Remote assistance in Firewall.
|
| 2) enabled Remote desktop connection and Remote assistance in System
| Properties under Remote tab.
|
| 3) edited
| HKLM\System\CurrentControlSet\Control\TerminalServer\Winstations\RDP-Tcp\Portnumber
| to change listening port to reflect a random port number within the allowed
| range. For example, the machine in question used to allow incoming RDC
| connections on port 3456 prior to SP2.
|
| 4) added the port number 3456 for both TCP and UDP connections in firewall.
|
| *note Port 3456 is not the port number used, but just stated here for an
| example. pretty close though.
|
| Any other suggestions? It seems to work if we disable the SP2 firewall.

G.C.
07-10-2005, 02:05 AM
Hi thanks for the reply. Actually the box is already cleared. Any other
suggestions?


"Carey Frisch [MVP]" <cnfrisch@nospamgmail.com> wrote in message
news:e6Ujit%23WFHA.2768@tk2msftngp13.phx.gbl...
> If you're running Windows XP Service Pack 2 (SP2) and you
> enable Remote Desktop, Windows Firewall will be automatically
> configured to allow Remote Desktop connections to your computer.
> However, Remote Desktop will not work if you have Windows
> Firewall configured to allow no exceptions. To allow exceptions in
> Windows Firewall, in the Control Panel open the Security Center,
> click Windows Firewall and clear the check box next to "Don't allow
> exceptions".
>
> --
> Carey Frisch
> Microsoft MVP
> Windows XP - Shell/User
> Microsoft Newsgroups
>
> Get Windows XP Service Pack 2 with Advanced Security Technologies:
> http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx
>
> -------------------------------------------------------------------------------------------
>
> "G.C." wrote:
>
> | Remote desktop connection used to work on machines that I've had that
> don't
> | have SP2 installed. Upon getting new machines, I can't get RDC to work.
> |
> | I've tried the following things:
> |
> | 1) enabled Remote desktop connection and Remote assistance in Firewall.
> |
> | 2) enabled Remote desktop connection and Remote assistance in System
> | Properties under Remote tab.
> |
> | 3) edited
> |
> HKLM\System\CurrentControlSet\Control\TerminalServer\Winstations\RDP-Tcp\Portnumber
> | to change listening port to reflect a random port number within the
> allowed
> | range. For example, the machine in question used to allow incoming RDC
> | connections on port 3456 prior to SP2.
> |
> | 4) added the port number 3456 for both TCP and UDP connections in
> firewall.
> |
> | *note Port 3456 is not the port number used, but just stated here for an
> | example. pretty close though.
> |
> | Any other suggestions? It seems to work if we disable the SP2 firewall.
>

Carey Frisch [MVP]
07-10-2005, 02:06 AM
In the Computer field in the Remote Desktop Client connection dialog,
specify the port in either of the following ways:

..Computer name, colon, port number
Example: TSComputer: 22229

..IP address, colon, port number
Example: 192.168.1.1: 22229

Port 3389 is the only port you need to open. Windows will attempt to stream
sound through User Datagram Protocol (UDP) first. If no port is available for
UDP, sound will stream through a virtual channel in Remote Desktop Protocol,
which uses port 3389.

Also see:

How do I enable Remote Desktop on Windows XP SP2 using the registry?
http://www.jsifaq.com/SUBQ/tip8400/rh8429.htm

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Microsoft Newsgroups

Get Windows XP Service Pack 2 with Advanced Security Technologies:
http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx

-------------------------------------------------------------------------------------------

"G.C." wrote:


| Hi thanks for the reply. Actually the box is already cleared. Any other
| suggestions?

G.C.
07-10-2005, 02:06 AM
Hi Carey,

Yes this is what we usually do. Specifiy an IP address and port number. The
only clue here I have is that it works on machines that don't have SP2
installed.


"Carey Frisch [MVP]" <cnfrisch@nospamgmail.com> wrote in message
news:eRylj3%23WFHA.712@TK2MSFTNGP14.phx.gbl...
> In the Computer field in the Remote Desktop Client connection dialog,
> specify the port in either of the following ways:
>
> .Computer name, colon, port number
> Example: TSComputer: 22229
>
> .IP address, colon, port number
> Example: 192.168.1.1: 22229
>
> Port 3389 is the only port you need to open. Windows will attempt to
> stream
> sound through User Datagram Protocol (UDP) first. If no port is available
> for
> UDP, sound will stream through a virtual channel in Remote Desktop
> Protocol,
> which uses port 3389.
>
> Also see:
>
> How do I enable Remote Desktop on Windows XP SP2 using the registry?
> http://www.jsifaq.com/SUBQ/tip8400/rh8429.htm
>
> --
> Carey Frisch
> Microsoft MVP
> Windows XP - Shell/User
> Microsoft Newsgroups
>
> Get Windows XP Service Pack 2 with Advanced Security Technologies:
> http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx
>
> -------------------------------------------------------------------------------------------
>
> "G.C." wrote:
>
>
> | Hi thanks for the reply. Actually the box is already cleared. Any other
> | suggestions?
>

Carey Frisch [MVP]
07-10-2005, 02:06 AM
Troubleshooting Windows Firewall settings in Windows XP Service Pack 2
http://support.microsoft.com/kb/875357/

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Microsoft Newsgroups

Get Windows XP Service Pack 2 with Advanced Security Technologies:
http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx

-------------------------------------------------------------------------------------------

"G.C." wrote:

| Hi Carey,
|
| Yes this is what we usually do. Specifiy an IP address and port number. The
| only clue here I have is that it works on machines that don't have SP2
| installed.

G.C.
07-10-2005, 02:06 AM
Thanks Carey. Just FYI, I didn't come across this solution in that link you
sent, but I finally found the problem. IIS apparently was turned on and
there is a way to connect remotely to your computer via a webbrowser with
the use of IIS on the host computer. IIS was on but not running web
services. Turning it off worked like a charm. It might have been trying to
route RDC requests through IIS since it was on.


"Carey Frisch [MVP]" <cnfrisch@nospamgmail.com> wrote in message
news:OxcMOLAXFHA.2776@TK2MSFTNGP12.phx.gbl...
> Troubleshooting Windows Firewall settings in Windows XP Service Pack 2
> http://support.microsoft.com/kb/875357/
>
> --
> Carey Frisch
> Microsoft MVP
> Windows XP - Shell/User
> Microsoft Newsgroups
>
> Get Windows XP Service Pack 2 with Advanced Security Technologies:
> http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx
>
> -------------------------------------------------------------------------------------------
>
> "G.C." wrote:
>
> | Hi Carey,
> |
> | Yes this is what we usually do. Specifiy an IP address and port number.
> The
> | only clue here I have is that it works on machines that don't have SP2
> | installed.
>


Remote Desktop Connection doesn't seem to work with firewall turned on