PLZ HELP, Firewall shows alerts even for open ports

So I opened a port for remote desktop connection, and here’s how I define it:

For svchost.exe:
allow TCP In from MAC any to MAC any Where source port is XXXXX, and Dest Port is XXXXX

But when I try to connect from another computer, my machine alerts me and asks if it’s ok. Then I can connect through that machine again, but if I change the machine, I have to approve the connection again. This just doesn’t work for me, bc I want to be able to connect to this pc from home, and to do that I need to go home and connect from there, and come back to office and grant access, pain in the ■■■.

I just want that port to be open. Can somebody please help me?

Hi redstarx,

You want to connect to your office pc from your home pc, correct?

Then on top of the application rule you have made for svchost.exe in your office pc, you must open the required port in the global rules. Make a new global rule:
allow tcp in
source address : the MAC of your home PC
destination address : the MAC of your office PC
source port : any
destination port : the required port

Drag that rule on top of all the others.

Thanks Boris,

I’ll give it a try, and will keep you posted. I have a cable modem and a wireless router at home. So I guess I need to add the modem’s MAC address to the firewall list.

I’m still wondering, if the port is open to all connections, why do I still need to set the MAC address? In the rule I have already defined I put from MAC any to MAC any, so why would I need to add my home computer’s MAC address?

Edit: Oh, I might’ve found the answer: it probably is bc the global rules are given priority to app rules?

I can’t get it to work. Every time I connect, it asks me for permission. I want to be able to have a port completely open. Is there really not any solution to that?

Hi redstarx,

The FW reads the rules top down, so make sure you have set your global allowing rule for the required incoming connection above blocking rules. The same for the incoming allowing rule for svchost.exe.

Maybe you could check that you don’t need to grant access to another process.

And it could be important what the question of the firewall is about :wink:

The way I fixed it was adding an application rule for svchost.exe as Allow IP In from MAC XX to MAC XX Where Protocol is any.

Thanks for your help. I’m just wondering if I need to put more restrictions, because it seems with that rule, my ports are open.

Every element that makes your attempts a bit unique (IP range, ports, etc.) should find its way into a rule set for the incoming traffic!
Try to find as many as possible.
And secure your computer with passwords etc…

If you can’t answer this question with a sure “NO”, there is a problem:
If someone does what you do (or uses advanced techniques), could he do the same with your computer?

Don’t make the mistake of crossing your fingers when the program finally works with a “free ticket rule for everything else”. The internet is waiting for this to happen :wink:
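
The two points made in the replies above, that rules are read top down and that a catch-all allow rule should be narrowed, can be checked with a small model. This is an added example, not code from any poster or from the firewall product; the first-match evaluator, the prompt-on-no-match default, the field names, the MAC addresses and the port number are constructed assumptions.

```python
from dataclasses import dataclass

ANY = "any"
FIELDS = ("proto", "src_mac", "dst_port")

@dataclass(frozen=True)
class Rule:
    name: str
    action: str       # "allow" or "block"
    proto: str        # "tcp", "udp" or ANY
    src_mac: str      # sender address as the thread's rules express it, or ANY
    dst_port: object  # port number or ANY

@dataclass(frozen=True)
class Packet:
    proto: str
    src_mac: str
    dst_port: int

def decide(rules, pkt, default="ask"):
    """Top-down, first match wins; with no match the user is prompted (assumed)."""
    for rule in rules:
        if all(getattr(rule, f) in (ANY, getattr(pkt, f)) for f in FIELDS):
            return rule.action
    return default

def broad_allows(rules):
    """Return (rule name, unrestricted fields) for every allow rule using ANY."""
    found = []
    for rule in rules:
        open_fields = [f for f in FIELDS if getattr(rule, f) == ANY]
        if rule.action == "allow" and open_fields:
            found.append((rule.name, open_fields))
    return found

# Constructed sample values: placeholders, not taken from the thread.
HOME, STRANGER, PORT = "02:00:00:00:00:01", "02:00:00:00:00:99", 50000
allow_home = Rule("remote desktop from home", "allow", "tcp", HOME, PORT)
block_rest = Rule("block other inbound", "block", ANY, ANY, ANY)
catch_all = Rule("svchost allow IP in", "allow", ANY, ANY, ANY)

NARROW = [allow_home, block_rest]      # allow rule above the block rule
MISORDERED = [block_rest, allow_home]  # block rule shadows the allow rule
BROAD = [catch_all]                    # the "free ticket" rule

if __name__ == "__main__":
    for label, rules in (("narrow", NARROW), ("misordered", MISORDERED), ("broad", BROAD)):
        print(label, decide(rules, Packet("tcp", HOME, PORT)),
              decide(rules, Packet("tcp", STRANGER, 445)), broad_allows(rules))
```

Running `broad_allows` over an exported rule list is a quick way to spot the rules that still need a protocol, sender or port restriction.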