Re: is sbs2003 setting up my clients firewall, greyed out

This is set in a group policy called "Small Business Server Windows
Firewall." I'm assuming you never messed with this policy and that it's in
its default configuration. If that's the case, I'd say that it's almost
certainly not the cause of your inability to RDP to desktop PCs. Probably
99% of the posters in this group use the default GPO settings for Windows
Firewall, and if they were blocking RDP it would be a well known issue.

Rather than messing with the GPO, how about logging the firewall's
activities? You can enable that on the workstation in CP - > Windows
Firewall -> Advanced. It creates a log C:\WINDOWS\pfirewall.log.

It's hard to tell what's going on since you didn't give specifics of what
happens when you try to connect. I'd run the CEICW to make sure you're set
up with your preferred remote access settings. On the desktops, look at
CP -> System -> Remote to check that the Remote Desktop settings are
correct. Make the user a local admin on the host machine temporarily to
rule out security settings. Make sure the machines are not set to sleep or
hibernate. Check SBS and desktop PC logs for errors.

If you're still not getting in normally, please post back the exact error
the user receives when attempting the connection.

BTW, there's a common sentiment that perimeter firewalls eliminate the need
for Windows Firewall on the desktops. I disagree with that - what about
when someone downloads some malware or brings it into your domain on a USB
memory key? In that case, the perimeter firewall isn't even involved.


"D_tek" <Dtek@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F3211A6B-499E-41CE-BDFD-1603A96089C1@xxxxxxxxxxxxxxxx
have sbs2003, all clients running xp sp2, office 2003. also have fortigate
firewall so am not worried about disabling xp firewall. I can VPN into the
server and RDC with no problems. But I have 2 clients who need to RDC from
home and am having issues with those connections.(fortigate is configed
correctly) When I lok at the client machines the firewall cannot be
disabled,
it is greyed out. I would like to turn it off for troubleshooting reasons.
I
have tryed locally and as DC admin. all still greyed out. Is this
something
the sbs2003 server is asigning to the client machines and can I stop it.
any
help would be great thanks Ed



.

Relevant Pages

  • Re: login attempts
    ... > Every day i have on my win2000 iternet server a lots of wrong login ... Windows by default allows ... You also need a firewall. ... the internet, except for those ports you know you're using. ...
    (microsoft.public.win2000.security)
  • Re: How to Maintain an IIS Server?
    ... >> server running on a Windows 2000 server. ... > before a firewall and antivirus have been installed]. ... > program or executable using that port. ...
    (microsoft.public.inetserver.iis.security)
  • [NT] Vulnerability in Server Service Allows Code Execution (MS08-067)
    ... Vulnerability in Server Service Allows Code Execution ... This security update resolves a privately reported vulnerability in the ... Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker ... Firewall best practices and standard default ...
    (Securiteam)
  • Re: Guide to secure installtion of IIS 5
    ... don't forget a well-configured firewall. ... Do not put the computer onto the network or the Internet until after the ... Follow the instructions for hardening Windows and IIS at ... Install all service packs and security fixes from Microsoft and otherwise ...
    (microsoft.public.inetserver.iis.security)
  • Re: NETFW.INF, Preconfigured Firewall settings and dialogs
    ... it is Windows Server 2003 SP1 firewall that i'm using. ... Using the document '832017 Port Requirements for the Microsoft Windows ... > to achieve the following goal: some ports are open by default and others ...
    (microsoft.public.windows.server.networking)
Loading