Just to be thorough: Ensure that you've enabled Remote Desktop on the system first off. Then you just need a rule to allow RDP inbound. That rule can be either in your System Policy, or it can be a "normal" firewall rule. If you put it in System Policy, then it will be available even if the system goes into "lockdown" mode. I only put specific systems in my system policy for RDP- so, if you are looking for what I would consider a "best practices," it would be to put just your source IP in the System Policy, but if you want a "general" rule for all external access, I'd probably just put that in the normal access rules. That's all you need. t On 6/15/06 12:14 PM, "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx> spoketh to all: > So System policy doesn't come into play for RDP? And all I need on the > NICs is TCP/IP. Just trying to cover all the bases because I make a ton > of changes to the configuration yesterday but most of them were at least > 30 minutes before Comcast cut me off. > > -----Original Message----- > From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] > On Behalf Of Thor (Hammer of God) > Sent: Thursday, June 15, 2006 3:06 PM > To: isapros@xxxxxxxxxxxxx > Subject: [isapros] Re: Un-Pro Question > > All you need for Terminal Services is 3389 in, unless they've changed > the > port. The rule is "RDP (Terminal Services) Server" not just "RDP > (Terminal > Services)." > > First thing I would have them check is that all the services are > running- if > it is in lockdown mode, only the System Policy would be active. By > default, > the only RDP node included in the System Policy is if you installed via > Terminals Services in the first place- then that box would be in Remote > Management Computers." > > Other than that, just make sure RDP is allowed from External to Local > Host. > > t > > > On 6/15/06 11:52 AM, "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx> > spoketh to all: > >> >> I think I've done something to lock myself out of an ISA server. :( >> Funny thing is that I wasn't making any firewall changes at the time. >> Comcast decided to do maintenance in the middle of my configuration >> efforts. Now I can't connect back in. >> >> I can't get in using PcAnywhere or Terminal Services. (No I didn't >> install PCAnywhere it was already there.) >> >> I don't see a doc anyplace on what all needs to be allowed for > terminal >> services to work. NIC configuration, System Policies, Firewall > Policies, >> Services running. I need to walk the guy on the other end through >> checking all of this for me. Anyone know of a doc? Alternatively I can >> fly down to San Antonio but I'd rather not. >> >> Thanks, >> >> Amy >> >> >> >> > > > > > >