Remote Desktop Connection

[Guest]

[poloparis]

I got frightened by reading a few posts on solving problems with Windows Remote Desktop Connection.

like this one for example : http://forums.comodo.com/index.php?topic=6749.msg49573

Triplejolt answered :

"There's the info you need. You need to allow the source IP address above and destination port TCP 3389 (remote desktop)."

Does that mean i cannot set Comodo Firewall to accept my incoming connections no matter where i connect from Do I absolutely have to specify the IP address where i will connect from

Thank you for your help

[poloparis]

Bump - Anyone on Remote desktop connections from random IP addresses ?

I need to connect to my granny's computer whenever she has an issue that she needs help on....

Thank you

[jasper2408]

I got frightened by reading a few posts on solving problems with Windows Remote Desktop Connection.

like this one for example : http://forums.comodo.com/index.php?topic=6749.msg49573

Triplejolt answered :

"There's the info you need. You need to allow the source IP address above and destination port TCP 3389 (remote desktop)."

Does that mean i cannot set Comodo Firewall to accept my incoming connections no matter where i connect from Do I absolutely have to specify the IP address where i will connect from

Thank you for your help

You could use "ANY" instead of a static IP but you are allowing any PC to connect to that PC thru port 3389.

You could set the rule up to initially Block then the user could manually change the rule from Block to Allow and back to Block each time. That would then let you get in and then make it safe again once you have done what you need to do.

jasper

[poloparis]

  OK ! the reason my Remote Desktop access was not working was a simple newbie mistake :

The PRIORITY of Network Monitor Rules.

very important and not mentioned enough in the configuration help posts (IMHO).

it was the same with P2P access problems.

once i figured there were rule priorities, I moved the rule granting access on the proper ports for remote desktop and P2P above the others and that worked.

 (L)

[Triplejolt]

Yup. The rules are read chronologically, from the top and down

The best way to allow RDC through the firewall is to allow it only when needed, like Jasper pointed out. And from a specific IP address to narrow down possible connections. If you can somehow guide your granny on the phone. Eg. give instruction on which rule to set to allow and from which source IP address, this rule can sit dormant in the Network Monitor section until you need it again.

[jasper2408]

Yup. The rules are read chronologically, from the top and down

The best way to allow RDC through the firewall is to allow it only when needed, like Jasper pointed out. And from a specific IP address to narrow down possible connections. If you can somehow guide your granny on the phone. Eg. give instruction on which rule to set to allow and from which source IP address, this rule can sit dormant in the Network Monitor section until you need it again.

Thanks Triplejolt, forgot to mention the order of the rules. Makes a big difference.

jasper

[Azazel616]

Does anyone know if you can setup validation via a MAC address? How about using a host name from NOIP? Anyone try that?

[Triplejolt]

As far as I know you can't use MAC address based rulesets. No-IP should work though as it uses URL's, which can be translated into IP addresses.

[www.pc-repair.ie]

Old topic, but I'd like to post as I found it useful.

I'm including a screen shot to show how I got it working.
The previous posts I've read kinda helped, but it wasn't working for me,
so I put in a range of ip's instead, just ten possibles.

As someone pointed out above, the ordering is critical, so i put the rule first.

I tried a new zone, but that didn't help.

 

Apart from that, it's a great firewall, much better than the free zone alarm offering.

[Gman64]

i guess this is for version 2 and not working with version 3 ?
Cannot find how to do the settings in version 3...
So if anyone has a suggestion with a screendump that would be more than welcome...

[Tags:]