Solved

How to start windows 2003 firewall from remote desktop?

Posted on 2008-06-24
8
478 Views
Last Modified: 2012-06-21
Hi,

How can I start Windows 2003 Firewall from remote using Remote Desktop without blocking the remote desktop for future connections?

Thank you,
Michael
0
Comment
Question by:clickleaders
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 19

Expert Comment

by:Stephen Manderson
ID: 21863400
Hi  there

You need to be a little more clear with your question in order for us to help. Are you using ISA or not?

Have you enabled the allow remote access in the computer propertes "Remote" tab?

Regards
Steve
0
 

Author Comment

by:clickleaders
ID: 21863597
I'm not in the US.
This is a remote Windwos 2003 server located in US.
The only way I can currently access it is via Remote Desktop (currently working fine).

I want to enable the Windows Firewall Service from Remote.
I want to be able to enter this computer using the Remote Desktop after the Firewall will work.

If not mistaken, this mean I have to enable an exception for Remote Desktop *BEFORE* I start the service.

How can I do that?

Thanks,
Michael
0
 
LVL 2

Expert Comment

by:mkaustubh
ID: 21864205
Hi,
Even if you are able to start the firewall service remotely then also you will have to be on the Firewall itself to configure the Exceptions for Remote Desktop.

1.When you are able to start the firewall remotely (Using MMC,RDP etc).
2.One has to be PHYSICALLY present on to the firewall to add the exceptions.

Exception would be:

Open the command Prompt and type:
netsh firewall add portopening TCP 3389 .

Hope this helps!
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 2

Expert Comment

by:mkaustubh
ID: 21864299
Think this way that if the OS allows to "push the exceptions remotly" then it would have been easy for hacker and play with the machine..

Moreover if the firewall service is not started then you cannot create an exception.
You would have got an error something like:


netsh firewall>add portopening TCP 3389 RDP
The service has not been started.

So firewall has to be started first which can be started remotely ,however for creating exception you can either push it through a Group policy for this specific machine {Creating a logon script using the above command in startup script)...OR u can go and tun this cmd manually.

Cheers!

0
 
LVL 17

Expert Comment

by:kadadi_v
ID: 21864333
I am confused with your question it means you are logging to remote win2003 server using RDP client and you want to start the firewall service of win2k3 server and if you start the firewall service then your login access is not possible ..right...? How can you open the port 3389 for terminal serices and if you enabled the firewall you have to start the firewall/ICS service and it changes the serer local ip adddress to 192.168.0.1.

Regards,

VIjay Kadadi
0
 
LVL 6

Expert Comment

by:Nyah247
ID: 21910969
I am also a bit confused by the wording of your question...  You can add remote exceptions to the firewall by using psexec from the PSTOOLs set on Microsoft's system internals site.  

The commands would then be:

psexec \\machinenameorIP cmd

when the cmd opens it will be your remote computer's cmd

Netsh firewall add portopening TCP 3389 TCP3389 ENABLE CUSTOM yourmachineIP ALL

I would double check these commands because this may be a little different for Vista as I have only used these on XP.
0
 

Accepted Solution

by:
clickleaders earned 0 total points
ID: 21914138
The solution is very simple

1. Start the Firewall service. The Firewall window will open but the firewall is still set to "OFF".
2. Set the exception for accepting "Remote Desktop".
3. Set the firewall to On

That's it

Michael
0
 
LVL 6

Expert Comment

by:Nyah247
ID: 21915550
Ahh...  I misunderstood your question.  Glad you figured it out.  
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Learn about cloud computing and its benefits for small business owners.
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question