 | |
| |
| 10 Aug 2009 | #1 |
| | Windows 7 firewall - allow alternate ports for RDP Hi all, I'm looking for help configuring Windows 7 (RTM) firewall to allow traffic for an alternate Remote Desktop listening port in the most secure way possible. I know how to just open up the port completely, which works, but I'd rather not do that if I can just open it up for the Remote Desktop program. I don't seem to be able to just "copy" the built-in Remote Desktop rule and change the port because the port number cannot be edited in some of the built in rules (or copies thereof, I guess). If it matters, I need to be able to access this port with both "old" and "new" versions of Remote Desktop (from an XP machine, as well as another windows 7 machine, for example). Can anyone offer any assistance or otherwise offer any advice for my situation? Thanks, Scott |
My System Specs | |
| 10 Aug 2009 | #2 |
| | AFAIK, RDP has always used 3389 - why would you need separate posts? After all, you cannot have multiple RD sessions, anyway, coming into the machine, so I fail to see the need for alternate ports.... Have you tried editing the existing ED rule to just add another port? |
| My System Specs |
| 10 Aug 2009 | #3 |
| | Thanks for the reply. The reason I'd like to open alternate ports is because I have two computers behind my router that I'd like to connect to with Remote Desktop. I have the router configured to forward requests on port 3389 to one computer, and another port for the other computer. As for editing the existing rule, when I try to do that I get the following message: "This is a predefined rule and some of its properties cannot be modified." |
| My System Specs |
| . |
| |
| 10 Aug 2009 | #4 |
| | Hmmm, doesn't your router allow port mapping? I mean that it takes incoming, say port 4455, and sends that to IP#1 @ port 3389, and takes incoming @ port 3389 and sends to IP #2 @ 3389? As for editing the existing rule, yah, saw that myself when I started fooling with it. However, I think using the path Code: %windir%\system32\mstsc.exe |
| My System Specs |
| 10 Aug 2009 | #5 |
| | I tried using: %windir%\system32\mstsc.exe as the program name, but this rule does not work. I'm trying to connect from an XP computer, so my guess is that the XP version and the windows 7 version of the mstsc.exe are different enough that the windows 7 firewall doesn't recognize them as the same for the purposes of the rule. That's the best I could come up with. With respect to the port mapping, my router software (linksys wrt54g2) only allows me to forward incoming ports to IP addresses, not specific ports at that IP address. Maybe a third party firmware for the router would allow me to do this? That would be pretty slick, and would probably be a good solution to my problem... I'll look into it. |
| My System Specs |
| 12 Aug 2009 | #6 |
| | Hi, You can change the listening port through regedit: How to change the listening port for Remote Desktop Then, on your RDP connection just append the port after the IP 192.168.0.1:4455 HTH, Rico |
| My System Specs |
| 12 Aug 2009 | #7 |
| | Hi all, Thanks for the replies. In the end, I took JohnGalt's advice and set up port-to-port (single port) forwarding. Because the Linksys WRT54G2 default firmware doesn't allow this, I flashed my router with DD-WRT, which does allow port-to-port forwarding. This allowed me to keep the Remote Desktop listening at port 3389 (default) and also use the built-in Windows Firewall rules, while at the same time directing external Remote Desktop requests to two different computers on my home network by specifying the port from the RDP client. |
| My System Specs |
| 03 Sep 2009 | #8 |
| | scottfreeze, I had this same problem and the solution is actually so rediculously simple that I wanted to slam my head against the wall after fighting with it for hours. You create a custom rule with the program specifications set exactly like the preconfigured one. In other words, you assign the rule to a specific program and the path is "System". Set it to your custom TCP port and save it. Go back and edit it, go to the Advanced tab and make sure you allow Edge Traversal. As long as you port forward it in your router then you're golden. I could do what you did, but I feel much more comfortable with it being on a completely different port. |
| My System Specs |
| 06 Sep 2009 | #9 |
| | 
Quote: Originally Posted by scottfreeze  Hi all, Thanks for the replies. In the end, I took JohnGalt's advice and set up port-to-port (single port) forwarding. Because the Linksys WRT54G2 default firmware doesn't allow this, I flashed my router with DD-WRT, which does allow port-to-port forwarding. This allowed me to keep the Remote Desktop listening at port 3389 (default) and also use the built-in Windows Firewall rules, while at the same time directing external Remote Desktop requests to two different computers on my home network by specifying the port from the RDP client. **** Good answer, Kaosu - I didn't think about the Edge traversal part of the FW settings. makes sense, in retrospect. Stickified and Rep added. |
| My System Specs |
 |
Windows 7 firewall - allow alternate ports for RDP problems?
| Thread Tools | |
| Similar help and support threads for: Windows 7 firewall - allow alternate ports for RDP | ||||
| Thread | Forum | |||
| Windows Personal Firewall service and Mcafee firewall not turning on | System Security | |||
| eset firewall and anti virus or whats the best firewall with windows | System Security | |||
 Getting an alternate GPU(vga) driver on windows 7... | Graphic Cards | |||
| Opening Firewall Ports (Selected By Their Port Number) | Network & Sharing | |||
| Windows7 firewall-how to figure out what ports to open | System Security | |||
All times are GMT -5. The time now is 12:53 AM.
