Remote Desktop connection Block/Log at Remote. help?

The environmental info____
CFP version: v3.0.14.276
OS: XP Pro SP2 [fully patched]
Log on: Admin
Previous Firewall: Non, clean system install, 1 week old.
Other apps running in background: This is a clean OS with AVG [services turned off], and PG2. No other security apps running.

PROBLEM <<<
When using XP Remote Desktop to connect from one box to the other I can not prevent the Remote box with CFP from logging this in ‘Firewall Events.’

svchost.exe BLOCKED TCP {source} {source port} {destination} 3389 {time}

I just spent 3 hours messing around with all the rules/setting.
I have done a search on the forum already and found no solutions. If I missed it please just post a link.
First easy Q? Is this a known issue? Has anyone successfully gotten a XP Remote Desktop connection up? What did you do?

Tomorrow morning I will take a fresh look at this and start to post Settings and attempts to resolve. But right now I should work on other work. If I don’t walk away I will waste my whole day trying to resolve this. :wink:

Thanks in advance,
(L)

Ok, I admit it, after lunch I just could not walk away from this small problem. With some new clarity on the subject I found the problem.

Everything worked like a champ after I moved my Network Security Policy rule for svchost* above the rules for Windows Update Applications and System.

Without further investigation it appears that my rule that blocks Windows Update Applications was also blocking svchost.exe. This would not supprise me since svchost.exe services are just a generic container for running .dll’s. Would some smart windows person please shed some light on this issue? Plus if you found this post b/c you are also having problems with Remote Desktop and would like me to post all my rules that effecting RD on the remote box I will gladly do so.

The problem was most likely that I set Windows Update Applications to Block/Log in the first place. Understanding that as “Theory.” Here are my top 3 Network Security Policies for comment.

C:\Windows\system32\svchost*
Allow and Log IP out from IP Any to IN [LAN] where protocol is Any
Allow and Log IN from IN[LAN] to IP Any where protocol is Any
Block and Log IP In/Out from IP any to IP any where protocol is Any
Windows Update Applications
Block and Log ALL Incoming and Outgoing Requests
System
“SAME AS svchost* above”

Moral of the story is… I love CFP and RD works fine now.