You need to configure the Windows firewall if you want to remotely access your computer with Remote Desktop Connection. The Windows firewall protects your computer from unauthorized access by controlling the network connections on your computer.
With your computer connected to the internet, it’s always a good idea to have a firewall control the incoming (and even outgoing) connections on your computer so that you don’t get any uninvited guests snooping around in your files and personal data.
This of course has implications when you try to remotely access your computer via the Remote Desktop Protocol (RDP). You need to configure the Windows firewall so that incoming (RDP) connections to your computer are allowed.
Your computer vulnerable?
This doesn’t mean that you have to completely open up all incoming access requests to your computer, only the connections that are made on the standard RDP tcp/ip port. Per default, Remote Desktop Connections are made over standard tcp/ip port 3389, so you only need to configure the Windows firewall to allow connections over tcp/ip port 3389.
If you are using the standard Windows firewall that comes with Windows XP and Windows Vista, it will be very easy to configure Remote Desktop Connection access, because there is a special “Exceptions” section in the Windows firewall settings where you can simply check a box to allow RDP connections.
Here’s how to configure the Windows firewall for RDP connections:
- Click on the Start button
- Click “Control Panel”
- Click on “Security Center”
- Click on “Windows Firewall”
Windows will then open up the Windows firewall configuration screen:
Make sure that the “On” radio button is selected and that the “Don’t allow exceptions” checkbox is not checked (Or you won’t be able to configure the Windows firewall so that certain incoming connections are accepted).
Disabling the Windows firewall alltoghether will of course also allow incoming RDP connections, but it will allow all other incoming connections as well and it will leave your computer more vulnerable against malicious attacks. This setting is not recommended.
In order to enter the exceptions for which your firewall should allow the incoming connections, click on the “Excpetions” tab in the firewall settings screen.
You will then see a window similar to this:
Check the Remote Desktop checkbox and click ok to confirm incoming connections over the standard RDP port 3389.
Is your computer in a network?
There’s a neat trick that you can do if you have several computers in a network that share an internet connection over a router. Let’s say that you have computer A and computer B in a network, sharing an internet connection with your router.
If you are trying to remotely access your computers over the internet, you will need to configure your router so that incoming connections to the router are passed through to the computer that you want to access. That means that if you configure your router to pass incoming connections to computer A, you will never be able to remotely access computer B.
Now, most routers offer the possibility of “port forwarding”, which means that you can configure the router to configure incoming connections on port 3389 to computer A and incoming connections on port 3390 to computer B.
The trick that you can do is this: you can change the RDP listening port on computer B to 3390, configure your router to pass incoming connections on port 3390 to computer B and now you can access both computer A and B remotely over the internet with a Remote Desktop Connection by specifying the RDP port on the connection.
To the top of this “Configure the Windows Firewall” article
Copyright Windows Help Central Windows tips and tricks