[isapros] Re: Un-Pro Question

• From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
• To: "isapros@xxxxxxxxxxxxx" <isapros@xxxxxxxxxxxxx>
• Date: Thu, 15 Jun 2006 13:06:03 -0700

Just to be thorough:

Ensure that you've enabled Remote Desktop on the system first off.

Then you just need a rule to allow RDP inbound.  That rule can be either in
your System Policy, or it can be a "normal" firewall rule.  If you put it in
System Policy, then it will be available even if the system goes into
"lockdown" mode.  I only put specific systems in my system policy for RDP-
so, if you are looking for what I would consider a "best practices," it
would be to put just your source IP in the System Policy, but if you want a
"general" rule for all external access, I'd probably just put that in the
normal access rules.

That's all you need.

t



On 6/15/06 12:14 PM, "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx>
spoketh to all:

> So System policy doesn't come into play for RDP? And all I need on the
> NICs is TCP/IP. Just trying to cover all the bases because I make a ton
> of changes to the configuration yesterday but most of them were at least
> 30 minutes before Comcast cut me off.
> 
> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
> On Behalf Of Thor (Hammer of God)
> Sent: Thursday, June 15, 2006 3:06 PM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: Un-Pro Question
> 
> All you need for Terminal Services is 3389 in, unless they've changed
> the
> port.  The rule is "RDP (Terminal Services) Server" not just "RDP
> (Terminal
> Services)."
> 
> First thing I would have them check is that all the services are
> running- if
> it is in lockdown mode, only the System Policy would be active.  By
> default,
> the only RDP node included in the System Policy is if you installed via
> Terminals Services in the first place- then that box would be in Remote
> Management Computers."
> 
> Other than that, just make sure RDP is allowed from External to Local
> Host.
> 
> t 
> 
> 
> On 6/15/06 11:52 AM, "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx>
> spoketh to all:
> 
>> 
>> I think I've done something to lock myself out of an ISA server. :(
>> Funny thing is that I wasn't making any firewall changes at the time.
>> Comcast decided to do maintenance in the middle of my configuration
>> efforts. Now I can't connect back in.
>> 
>> I can't get in using PcAnywhere or Terminal Services. (No I didn't
>> install PCAnywhere it was already there.)
>> 
>> I don't see a doc anyplace on what all needs to be allowed for
> terminal
>> services to work. NIC configuration, System Policies, Firewall
> Policies,
>> Services running. I need to walk the guy on the other end through
>> checking all of this for me. Anyone know of a doc? Alternatively I can
>> fly down to San Antonio but I'd rather not.
>> 
>> Thanks,
>> 
>> Amy
>> 
>> 
>> 
>> 
> 
> 
> 
> 
> 
> 

• References:
  • [isapros] Re: Un-Pro Question
    • From: Amy Babinchak

Other related posts:

• » [isapros] Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question
• » [isapros] Re: Un-Pro Question

1. Home
2. isapros
3. Archive
4. 06-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---