the global rule "permit remote PC in tcp3389" doesn't work"~HELP~SOS~

I use the free Chinese version Comodo Firewall &D+,Version:5.4.189822.1355

I build a global rule like as follow to permit a remote PC connect thi local PC:

permit tcp in from IP A.A.A.A to IP B.B.B.B when ths source port is any the destination port is 3389

but this rule seems doesn’t work,is there someone who can tell me what is wrong with my rule~

and what is the right one ~thx!

Also try giving the remote desktop application the Trusted Application policy. Does that bring a solution here?

Also make sure the global rule is on top of other rules

(Select the new rule > Move Up)

Also make sure you click Apply/Ok

Kind Regards
Jake

I give the “svchost.exe” the trusted application policy,and now it is ok,thx~

but this means any comupter on the Internet can connect my machine,

is there better solution to permit one remote pc connect in ,but deny the others.

what can i do further?

I am sure the policy has been applied,I give the “svchost.exe” the trusted application policy,now it is ok,but any pc on the Internet can connect in,Is there better solution to permit one pc to connect in ,but deny the others?

ps:i only have a ADSLwith a dynamic IP~

Hello

Adding The Rule to Global Rules should work! (See Attached)
Computer 1.1.1.0 Is able to connect to 1.1.1.2 on port 3389

To answer the above question;

Open CIS > Firewall > Stealth Ports Wizard > Block all Incoming Connections and make my ports stealth for everyone > Ok

Network Security Policy > Network Zones > *Look at the list see which contains your IP and Select the group that has your Current IP (Start > Run > cmd > ipconfig) > Add > New Address > IPv4 Single Address > Add The IP Address You are trying to allow to connect to your PC > Apply > Apply

Stealth Ports Wizard > Define a New Trusted Network > Select the Group Name That Has your IP and the IP of the computer you want to connect to your computer > Ok > Ok

Network Security Policy > svchost > edit > Copy From > Another Application > System > Apply > Ok

Hope this helps

[attachment deleted by admin]

In addition to the recommendations offered by Jacob, you could remove the trusted status for svchost and create rules that allow the connectivity you require. this might help.

In addition to the above create an inbound rule for svchost:

Action - Allow
Protocol - TCP
Direction - IN
Source Address - The IP address of the computer you’re connecting from
Destination Address - The RDP Host
Source Port - ANY
Destination Port 3389

Also change the global rule so that the source address (the computer you’re connecting from) is defined.

Make sure there is a Block and log as the last rule for svchost.

You can also change the default port for RDP to make it less obvious:

Start Registry Editor.

  1. Locate and then click the following registry subkey:
  2. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
  3. On the Edit menu, click Modify, and then click Decimal.
  4. Type the new port number, and then click OK.
  5. Quit Registry Editor.
  6. Restart the computer.

If you do this change the Application rules for svchost and your global rules to the port number you choose.

Better still, use ssh http://theillustratednetwork.mvps.org/Ssh/RemoteDesktopSSH.html

I do this after u,it works;

in a word,your solution is:
add the remote IP and the local IP to the trusted zone,and make the svchost(3389) visible to the trusted zone only,am i right?

thx for your favor,and it is truely better to use SSH~

Sorry for advising to make svchost.exe Trusted Application. I was under the assumption you were using a third party application not the remote desktop function of Windows.