Solved

How to start windows 2003 firewall from remote desktop?

Posted on 2008-06-24
8
443 Views
Last Modified: 2012-06-21
Hi,

How can I start Windows 2003 Firewall from remote using Remote Desktop without blocking the remote desktop for future connections?

Thank you,
Michael
0
Comment
Question by:clickleaders
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 19

Expert Comment

by:Stephen Manderson
ID: 21863400
Hi  there

You need to be a little more clear with your question in order for us to help. Are you using ISA or not?

Have you enabled the allow remote access in the computer propertes "Remote" tab?

Regards
Steve
0
 

Author Comment

by:clickleaders
ID: 21863597
I'm not in the US.
This is a remote Windwos 2003 server located in US.
The only way I can currently access it is via Remote Desktop (currently working fine).

I want to enable the Windows Firewall Service from Remote.
I want to be able to enter this computer using the Remote Desktop after the Firewall will work.

If not mistaken, this mean I have to enable an exception for Remote Desktop *BEFORE* I start the service.

How can I do that?

Thanks,
Michael
0
 
LVL 2

Expert Comment

by:mkaustubh
ID: 21864205
Hi,
Even if you are able to start the firewall service remotely then also you will have to be on the Firewall itself to configure the Exceptions for Remote Desktop.

1.When you are able to start the firewall remotely (Using MMC,RDP etc).
2.One has to be PHYSICALLY present on to the firewall to add the exceptions.

Exception would be:

Open the command Prompt and type:
netsh firewall add portopening TCP 3389 .

Hope this helps!
0
 
LVL 2

Expert Comment

by:mkaustubh
ID: 21864299
Think this way that if the OS allows to "push the exceptions remotly" then it would have been easy for hacker and play with the machine..

Moreover if the firewall service is not started then you cannot create an exception.
You would have got an error something like:


netsh firewall>add portopening TCP 3389 RDP
The service has not been started.

So firewall has to be started first which can be started remotely ,however for creating exception you can either push it through a Group policy for this specific machine {Creating a logon script using the above command in startup script)...OR u can go and tun this cmd manually.

Cheers!

0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 17

Expert Comment

by:kadadi_v
ID: 21864333
I am confused with your question it means you are logging to remote win2003 server using RDP client and you want to start the firewall service of win2k3 server and if you start the firewall service then your login access is not possible ..right...? How can you open the port 3389 for terminal serices and if you enabled the firewall you have to start the firewall/ICS service and it changes the serer local ip adddress to 192.168.0.1.

Regards,

VIjay Kadadi
0
 
LVL 6

Expert Comment

by:Nyah247
ID: 21910969
I am also a bit confused by the wording of your question...  You can add remote exceptions to the firewall by using psexec from the PSTOOLs set on Microsoft's system internals site.  

The commands would then be:

psexec \\machinenameorIP cmd

when the cmd opens it will be your remote computer's cmd

Netsh firewall add portopening TCP 3389 TCP3389 ENABLE CUSTOM yourmachineIP ALL

I would double check these commands because this may be a little different for Vista as I have only used these on XP.
0
 

Accepted Solution

by:
clickleaders earned 0 total points
ID: 21914138
The solution is very simple

1. Start the Firewall service. The Firewall window will open but the firewall is still set to "OFF".
2. Set the exception for accepting "Remote Desktop".
3. Set the firewall to On

That's it

Michael
0
 
LVL 6

Expert Comment

by:Nyah247
ID: 21915550
Ahh...  I misunderstood your question.  Glad you figured it out.  
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This video discusses moving either the default database or any database to a new volume.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now