IPB

Welcome Guest ( Log In | Register )

 
Closed TopicStart new topic
> Remote Desktop Connection Problem, My remote desktop connection is blocked
jsaffer
post 25.05.2007 17:25
Post #1


Newbie
*

Group: Members
Posts: 7
Joined: 25.05.2007




Hello all,

I have installed the latest version of Kaspersky Internet Security on my home desktop computer. I often need to access the home computer from my laptop at work and I use the Remote Desktop Connection feature to do so. In the past, I've had either Norton Internet Security or ZoneAlarm on my home desktop, and have had no trouble connecting to the home desktop from my work laptop.

However, after uninstalling Norton and ZoneAlarm, and installing Kaspersky, my home desktop is now blocking access from the work laptop -- unless I disable the Kaspersky firewall. I've done that as a temporary workaround and am relying on the built-in Windows XP firewall on the desktop instead.

I know that if I could enter the ip address as a trusted source in Kaspersky's Zone settings, Kaspersky would let my laptop in. However, the problem with that is that my Internet connection at work is through AT&T's DSL service and that's a dynamic IP address, not a static one. In other words, they change the IP number for my laptop connection every few days.

I'd like to find out how I can set things up so that I can use Kaspersky's firewall and yet have it allow through my laptop when I use the Remote Desktop Connection feature. Thanks very much for help on this.

Jason
Go to the top of the page
 
+Quote Post
Lucian Bara
post 25.05.2007 17:33
Post #2


Are You Kidding?
*****************

Group: Moderators
Posts: 56947
Joined: 28.01.2006
From: Timisoara, Romania




hello
try disabling the stealth mode in the firewall zone settings and reboot.

This post has been edited by Lucian Bara: 25.05.2007 17:33
Go to the top of the page
 
+Quote Post
jsaffer
post 25.05.2007 19:35
Post #3


Newbie
*

Group: Members
Posts: 7
Joined: 25.05.2007




QUOTE(Lucian Bara @ 25.05.2007 16:33)
hello
try disabling the stealth mode in the firewall zone settings and reboot.
*


Thanks very much for your input. I'm not quite sure how to disable the stealth mode in the firewall zone setting. Can you walk me through that bit more so I can try this out. Then, am I supposed to reboot the computer? Thanks very much.
Go to the top of the page
 
+Quote Post
jsaffer
post 30.05.2007 01:05
Post #4


Newbie
*

Group: Members
Posts: 7
Joined: 25.05.2007




Through trial and error and also reading past messages in the forum, I came upon this procedure that, so far, seems to be allowing me to access my desktop computer from my laptop at work:

I changed the edit rules for SVCHOST.EXE to allow inbound and outbound TCP connections on port 3389.

Procedure:

Go to Settings: Anti-Hacker. Click on Rules for Applications. Highlight SVCHOST.EXE and click on Edit. Highlight Microsoft Remote Desktop TCP Activity. Click on the blue OutBound Stream blue link in the Rule Description box. Then choose Inbound and Outbound option.

Also, I had to click on the Template button and click on Allow All.

This procedure seems to allow me to keep everything in the Zones as stealth and still access my home computer (which has Kaspersky on it) from my laptop at work.

I hope this procedure can help others who might search the forum database at some point looking for help with their own Remote connection issues.

....Jason
Go to the top of the page
 
+Quote Post
CohProg
post 17.09.2007 23:10
Post #5


Newbie
*

Group: Members
Posts: 1
Joined: 17.09.2007




QUOTE(jsaffer @ 29.05.2007 23:05) *
I changed the edit rules for SVCHOST.EXE to allow inbound and outbound TCP connections on port 3389.

Procedure:

Highlight Microsoft Remote Desktop TCP Activity. Click on the blue OutBound Stream blue link in the Rule Description box. Then choose Inbound and Outbound option.


This doesnt have any effect : By doing that, you allow connection from your computer to go out
to port 3389 of another computer. That's not what you need here. (and outgoing is already ok
anyway)

QUOTE
Also, I had to click on the Template button and click on Allow All.


By doing that, you allow any connections from anywhere and whatever the protocol.
That's why it then work but its not what you want to do as you dont want to open
the firewall fully.

What you want to do is allow access to terminal server from anywhere. That's :
protocol TCP. Source : anywhere / generic port. To destination : localhost on
port 3389.

To do that, edit rules for svchost.exe and add a new one with :
Allow inbound TCP connection where local port : 3389

(If you did the Template : allow all stuff, dont forget to remove the two rules :
allow any TCP and allow any UDP...)

Cheers,
Yann Stettler


Go to the top of the page
 
+Quote Post
jsaffer
post 18.09.2007 00:17
Post #6


Newbie
*

Group: Members
Posts: 7
Joined: 25.05.2007




QUOTE(CohProg @ 17.09.2007 22:10) *
I had written: I changed the edit rules for SVCHOST.EXE to allow inbound and outbound TCP connections on port 3389.
You wrote: This doesnt have any effect : By doing that, you allow connection from your computer to go out
to port 3389 of another computer. That's not what you need here. (and outgoing is already ok anyway)

Thanks for your feedback. I could use some clarification. Can you tell me exactly how I should reverse my alteration so that it will go back to the default -- in other words, how I can change the edit rules so that it won't just allow connection from my computer to go out to port 3389 of another computer.

I had written: Also, I had to click on the Template button and click on Allow All.
You wrote: By doing that, you allow any connections from anywhere and whatever the protocol. That's why it then work but its not what you want to do as you dont want to open the firewall fully.

You suggested: What you want to do is allow access to terminal server from anywhere. That's :
protocol TCP. Source : anywhere / generic port. To destination : localhost on port 3389.

To do that, edit rules for svchost.exe and add a new one with :
Allow inbound TCP connection where local port : 3389

I'm not sure exactly how to do what you suggest. Do I go to svchost.exe, highlight it, and then click edit? What do I do then?
Pardon my ignorance, it's been hard for me to learn how to tweak these settings.


(If you did the Template : allow all stuff, don't forget to remove the two rules :
allow any TCP and allow any UDP...)
Do I delete these two items by just unselecting the check box next to each item or by highlighting the item and choosing "delete."

Also, is there a way to back up my current settings in case my making any of these changes causes a problem?

Thanks again for your help!

Jason


Cheers,
Yann Stettler

Go to the top of the page
 
+Quote Post
jsaffer
post 18.09.2007 01:23
Post #7


Newbie
*

Group: Members
Posts: 7
Joined: 25.05.2007




QUOTE(CohProg @ 17.09.2007 22:10) *
I had written: I changed the edit rules for SVCHOST.EXE to allow inbound and outbound TCP connections on port 3389.
You wrote: This doesnt have any effect : By doing that, you allow connection from your computer to go out
to port 3389 of another computer. That's not what you need here. (and outgoing is already ok anyway)

Thanks for your feedback. I could use some clarification. Can you tell me exactly how I should reverse my alteration so that it will go back to the default -- in other words, how I can change the edit rules so that it won't just allow connection from my computer to go out to port 3389 of another computer.

I had written: Also, I had to click on the Template button and click on Allow All.
You wrote: By doing that, you allow any connections from anywhere and whatever the protocol. That's why it then work but its not what you want to do as you dont want to open the firewall fully.

You suggested: What you want to do is allow access to terminal server from anywhere. That's :
protocol TCP. Source : anywhere / generic port. To destination : localhost on port 3389.

To do that, edit rules for svchost.exe and add a new one with :
Allow inbound TCP connection where local port : 3389

I'm not sure exactly how to do what you suggest. Do I go to svchost.exe, highlight it, and then click edit? What do I do then?
Pardon my ignorance, it's been hard for me to learn how to tweak these settings.

(If you did the Template : allow all stuff, don't forget to remove the two rules :
allow any TCP and allow any UDP...)
Do I delete these two items by just unselecting the check box next to each item or by highlighting the item and choosing "delete."

Also, is there a way to back up my current settings in case my making any of these changes causes a problem?

Thanks again for your help!

Jason

Cheers,
Yann Stettler
Go to the top of the page
 
+Quote Post

Closed TopicStart new topic

 



Lo-Fi Version Time is now: 25.04.2014 01:46