So I opened a port for remote desktop connection, and here’s how I define it:
For svchost.exe:
allow TCP In from MAC any to MAC any Where source port is XXXXX, and Dest Port is XXXXX
But when I try to connect from another computer, my machine alerts me and asks if it’s ok. Then I can connect through that machine again, but if I change the machine, I have to approve the connection again. This just doesn’t work for me, bc I want to be able to connect to this pc from home, and to do that I need to go home and connect from there, and come back to office and grant access, pain in the ■■■.
I just want that port to be open. Can somebody please help me?
you want to connect to your office pc from your home pc, correct?
Then on top of the application rule you have made for svchost.exe in your office pc, you must open the required port in the global rules. Make a new global rule:
allow tcp in
source address : the MAC of your home PC
destination address : the MAC of your office PC
source port : any
destination port : the required port
I’ll give it a try, and will keep you posted. I have a cable modem and a wireless router at home. So I guess I need to add the modem’s MAC address to the firewall list.
I’m still wondering, if the port is open to all connections, why do I still need to set the MAC address? In the rule I have already defined I put from MAC any to MAC any, so why would I need to add my home computer’s MAC address?
Edit: Oh, I might’ve found the answer: it probably is bc the global rules are given priority to app rules?
I can’t get it to work. Everytime I connect, it asks me for permission. I want to be able to have a port completely open. Really is there not any solution to that?
The FW reads the rules top down, so make sure you have set your global allowing rule for the required incoming connection above blocking rules. The same for the incoming allowing rule for svchost.exe.
Maybe you could check that you don’t need to grant access to another process.
Every element that makes your attempts a bit unique (ip range, ports, ect) should find their way into a rule set for the INgoing traffic!
Try to find as much as possible.
And secure your computer with passwords ect…
If you cant answer this question with a sure “NO”, there is a problem:
If someone does what you do (or advanced technics), could he do the same with your computer?
Dont make the mistake to cross the fingers when the program finally works with a “free ticket rule for everything else”. The internet is waiting for this to happen