Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows 7 firewall - allow alternate ports for RDP

10 Aug 2009   #1
scottfreeze

Windows 7 RTM
 
 
Windows 7 firewall - allow alternate ports for RDP

Hi all,

I'm looking for help configuring Windows 7 (RTM) firewall to allow traffic for an alternate Remote Desktop listening port in the most secure way possible. I know how to just open up the port completely, which works, but I'd rather not do that if I can just open it up for the Remote Desktop program.

I don't seem to be able to just "copy" the built-in Remote Desktop rule and change the port because the port number cannot be edited in some of the built in rules (or copies thereof, I guess). If it matters, I need to be able to access this port with both "old" and "new" versions of Remote Desktop (from an XP machine, as well as another windows 7 machine, for example).

Can anyone offer any assistance or otherwise offer any advice for my situation?

Thanks,
Scott


My System SpecsSystem Spec
.

10 Aug 2009   #2
johngalt

 

AFAIK, RDP has always used 3389 - why would you need separate posts? After all, you cannot have multiple RD sessions, anyway, coming into the machine, so I fail to see the need for alternate ports....

Have you tried editing the existing ED rule to just add another port?
My System SpecsSystem Spec
10 Aug 2009   #3
scottfreeze

Windows 7 RTM
 
 

Thanks for the reply. The reason I'd like to open alternate ports is because I have two computers behind my router that I'd like to connect to with Remote Desktop. I have the router configured to forward requests on port 3389 to one computer, and another port for the other computer.

As for editing the existing rule, when I try to do that I get the following message:

"This is a predefined rule and some of its properties cannot be modified."
My System SpecsSystem Spec
.


10 Aug 2009   #4
johngalt

 

Hmmm, doesn't your router allow port mapping? I mean that it takes incoming, say port 4455, and sends that to IP#1 @ port 3389, and takes incoming @ port 3389 and sends to IP #2 @ 3389?

As for editing the existing rule, yah, saw that myself when I started fooling with it.

However, I think using the path
Code:
%windir%\system32\mstsc.exe
I think you might be able to create a second rule if need be....and make it a separate port....
My System SpecsSystem Spec
10 Aug 2009   #5
scottfreeze

Windows 7 RTM
 
 

I tried using:
%windir%\system32\mstsc.exe

as the program name, but this rule does not work. I'm trying to connect from an XP computer, so my guess is that the XP version and the windows 7 version of the mstsc.exe are different enough that the windows 7 firewall doesn't recognize them as the same for the purposes of the rule. That's the best I could come up with.

With respect to the port mapping, my router software (linksys wrt54g2) only allows me to forward incoming ports to IP addresses, not specific ports at that IP address. Maybe a third party firmware for the router would allow me to do this? That would be pretty slick, and would probably be a good solution to my problem... I'll look into it.
My System SpecsSystem Spec
12 Aug 2009   #6
rico83

server 2008 r2
 
 

Hi,

You can change the listening port through regedit:

How to change the listening port for Remote Desktop

Then, on your RDP connection just append the port after the IP

192.168.0.1:4455


HTH,
Rico
My System SpecsSystem Spec
12 Aug 2009   #7
scottfreeze

Windows 7 RTM
 
 

Hi all,

Thanks for the replies. In the end, I took JohnGalt's advice and set up port-to-port (single port) forwarding. Because the Linksys WRT54G2 default firmware doesn't allow this, I flashed my router with DD-WRT, which does allow port-to-port forwarding. This allowed me to keep the Remote Desktop listening at port 3389 (default) and also use the built-in Windows Firewall rules, while at the same time directing external Remote Desktop requests to two different computers on my home network by specifying the port from the RDP client.
My System SpecsSystem Spec
03 Sep 2009   #8
Kaosu

Windows 7 Ultimate
 
 

scottfreeze,

I had this same problem and the solution is actually so rediculously simple that I wanted to slam my head against the wall after fighting with it for hours.

You create a custom rule with the program specifications set exactly like the preconfigured one. In other words, you assign the rule to a specific program and the path is "System". Set it to your custom TCP port and save it. Go back and edit it, go to the Advanced tab and make sure you allow Edge Traversal. As long as you port forward it in your router then you're golden.

I could do what you did, but I feel much more comfortable with it being on a completely different port.
My System SpecsSystem Spec
06 Sep 2009   #9
johngalt

 

Quote   Quote: Originally Posted by scottfreeze View Post
Hi all,

Thanks for the replies. In the end, I took JohnGalt's advice and set up port-to-port (single port) forwarding. Because the Linksys WRT54G2 default firmware doesn't allow this, I flashed my router with DD-WRT, which does allow port-to-port forwarding. This allowed me to keep the Remote Desktop listening at port 3389 (default) and also use the built-in Windows Firewall rules, while at the same time directing external Remote Desktop requests to two different computers on my home network by specifying the port from the RDP client.
I am highly surprised that the native Router did not allow port forwarding in the settings. however, you're still better off with DD-WRT - it rocks.

****

Good answer, Kaosu - I didn't think about the Edge traversal part of the FW settings. makes sense, in retrospect.

Stickified and Rep added.
My System SpecsSystem Spec
Reply

 Windows 7 firewall - allow alternate ports for RDP




Thread Tools





Similar help and support threads
Thread Forum
Switching off Windows 7 Firewall blocks all ports ?
Hi. I'm quite new around here and would like to say hi to everybody. I have a question to ask. If I were to stop the Windows 7 Firewall Service by right-click on Windows 7 Firewall and Select stop option, the firewall will be switched off. In this condition, does Windows 7 block all...
System Security
Unable to open ports in Windows 7 Firewall
I am trying to set up a minecraft server on my PC. It is connected wirelessly to a broadband router, and I have set up port-forwarding on the router. I am testing using Shields Up to scan the relevant port, 25565, while the server is running, and if I turn off the PC firewall, it successfully...
Network & Sharing
Norton Internet Security NIS 2014. Firewall ports open. Dangerous?
Hi All, I'm running NIS 20.4.0.40 (latest version) on my fully patched Win7 Pro laptop. I connect to the internet using a 3G cellular modem (Reliance in India). The 3G modem is connected to a Hame external 3G WiFi HotSpot Router (3GWHR). The 3GWHR broadcasts a WiFi signal and that's how my...
System Security
Opening Firewall Ports (Selected By Their Port Number)
Hello, Trying to use a program that communicates with, and controls, a radio via a 232 cable. Apparently there are a number of Ports that must be open for it to work. I have looked at all the Firewall screens, and the Advanced Firewall screens, their Rules etc., but cannot find any place...
Network & Sharing
Alternate use for Windows 7 peek icon
I am wondering if it would be possible to use the Windows peek icon in the bottom right of the screen to do the same functionality as ALT-TAB (i.e. Windows Flip) instead of just showing the screen. I'm thinking that perhaps the icon can be linked to Flip instead of Peek. It might require a...
Customization
Windows7 firewall-how to figure out what ports to open
So I have started to use windows7 RC and it's build in firewall. Until now i was on win xp with eset firewall. Everything is ok so far except two things: 1.) There doesn't seem to be anything like learning mode for win7 firewall, or is there? How em I supposed to make a rule for application if I...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 00:21.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App