Solved

How to start windows 2003 firewall from remote desktop?

Posted on 2008-06-24
8
495 Views
Last Modified: 2012-06-21
Hi,

How can I start Windows 2003 Firewall from remote using Remote Desktop without blocking the remote desktop for future connections?

Thank you,
Michael
0
Comment
Question by:clickleaders
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 19

Expert Comment

by:Stephen Manderson
ID: 21863400
Hi  there

You need to be a little more clear with your question in order for us to help. Are you using ISA or not?

Have you enabled the allow remote access in the computer propertes "Remote" tab?

Regards
Steve
0
 

Author Comment

by:clickleaders
ID: 21863597
I'm not in the US.
This is a remote Windwos 2003 server located in US.
The only way I can currently access it is via Remote Desktop (currently working fine).

I want to enable the Windows Firewall Service from Remote.
I want to be able to enter this computer using the Remote Desktop after the Firewall will work.

If not mistaken, this mean I have to enable an exception for Remote Desktop *BEFORE* I start the service.

How can I do that?

Thanks,
Michael
0
 
LVL 2

Expert Comment

by:mkaustubh
ID: 21864205
Hi,
Even if you are able to start the firewall service remotely then also you will have to be on the Firewall itself to configure the Exceptions for Remote Desktop.

1.When you are able to start the firewall remotely (Using MMC,RDP etc).
2.One has to be PHYSICALLY present on to the firewall to add the exceptions.

Exception would be:

Open the command Prompt and type:
netsh firewall add portopening TCP 3389 .

Hope this helps!
0
Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

 
LVL 2

Expert Comment

by:mkaustubh
ID: 21864299
Think this way that if the OS allows to "push the exceptions remotly" then it would have been easy for hacker and play with the machine..

Moreover if the firewall service is not started then you cannot create an exception.
You would have got an error something like:


netsh firewall>add portopening TCP 3389 RDP
The service has not been started.

So firewall has to be started first which can be started remotely ,however for creating exception you can either push it through a Group policy for this specific machine {Creating a logon script using the above command in startup script)...OR u can go and tun this cmd manually.

Cheers!

0
 
LVL 17

Expert Comment

by:kadadi_v
ID: 21864333
I am confused with your question it means you are logging to remote win2003 server using RDP client and you want to start the firewall service of win2k3 server and if you start the firewall service then your login access is not possible ..right...? How can you open the port 3389 for terminal serices and if you enabled the firewall you have to start the firewall/ICS service and it changes the serer local ip adddress to 192.168.0.1.

Regards,

VIjay Kadadi
0
 
LVL 6

Expert Comment

by:Nyah247
ID: 21910969
I am also a bit confused by the wording of your question...  You can add remote exceptions to the firewall by using psexec from the PSTOOLs set on Microsoft's system internals site.  

The commands would then be:

psexec \\machinenameorIP cmd

when the cmd opens it will be your remote computer's cmd

Netsh firewall add portopening TCP 3389 TCP3389 ENABLE CUSTOM yourmachineIP ALL

I would double check these commands because this may be a little different for Vista as I have only used these on XP.
0
 

Accepted Solution

by:
clickleaders earned 0 total points
ID: 21914138
The solution is very simple

1. Start the Firewall service. The Firewall window will open but the firewall is still set to "OFF".
2. Set the exception for accepting "Remote Desktop".
3. Set the firewall to On

That's it

Michael
0
 
LVL 6

Expert Comment

by:Nyah247
ID: 21915550
Ahh...  I misunderstood your question.  Glad you figured it out.  
0

Featured Post

Are You Ransomware's Next Victim?

Worried about ransomware attacks hitting your organization?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with WatchGuard Total Security!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question