Windows 7 Firewall Blocking RDP - Firewall rule priority issue?
Hey all,
Just had my firm laptop upgraded to Windows 7 Enterprise. Previously, when working at home, I would RDP into my laptop and use my big keyboard/mouse/monitor to work. With Windows 7, I can no longer connect via RDP.
I've been playing with the firewall on my laptop and looking at the logs and I can clearly see that the firewall is dropping packets received form my home computer on port 3389. There is a Remote Desktop inbound rule in place via group policy
active on the Domain profile only, set to allow and no other limitations. It appears to be based on the predefined rule. I've tried creating another predefined inbound rule for remote desktop that is active on the private profile as well,
but that doesn't seem to do anything. It doesn't appear in the list of 'active' rules under the monitoring section of the advanced firewall settings panel.
My guess is that the firewall compares the packet to all matching rules and chooses the most restrictive one...in this case, since the GPO rule is only active on domain and my home network is marked private, I'm SOL. Can anyone confirm that I've interpreted
this correctly? Or is there something I'm missing that could help me here?
Firewall GPOs prohibit me from turning off the firewall or setting allow all for the private profile.
Thanks!
May 25th, 2010 8:51am
Hi,
I would like to suggest you check the following article to allow Remote Desktop through Windows Firewall:
Use Remote Desktop when Windows Firewall is on
For more information, please read another article:
Connect to another computer using Remote
Desktop Connection
Regards,Arthur Li - MSFT
Free Windows Admin Tool Kit Click here and download it now
May 26th, 2010 9:52am
Yup, definitely been through these. I've explicitly added the Remote Desktop exemption, but my concern is that the GPO being pushed by IT is overriding anything I'm trying to do.
May 26th, 2010 6:34pm
I am experiencing a similar issue, and the steps in the links above also did not resolve the problem.
Note, I am able to VNC to the same servers that I cannot connect to through Remote Desktop.
Free Windows Admin Tool Kit Click here and download it now
May 27th, 2010 4:53am
Yup, definitely been through these. I've explicitly added the Remote Desktop exemption, but my concern is that the GPO being pushed by IT is overriding anything I'm trying to do.
If so, you need to contact your domain administrator to edit the group policy to fix the issue for you.
Regards,Arthur Li - MSFT
June 1st, 2010 6:14am
There is a setting in the Windows Firewall Group policy where you can choose to merge or deny windows firewall rules created by local administrators. Your domain administrator most likely has this setting enabled so that only firewall rules in the
group policy rules take effect and your locally created rule for remote desktop is denied.
Free Windows Admin Tool Kit Click here and download it now
March 9th, 2011 5:56pm