Remote Desktop dependency on Windows Firewall (W10 22H2)

BadHellie

Hi, I just wanted to report that I found Remote Desktop not working in my ISO, i.e. it could not be enabled in the Settings (error message "Remote desktop is blocked by your firewall" plus "Open port 3389 to let Remote Desktop through your firewall").
In my ISO I had removed Windows Firewall and Windows Firewall Service (who knows me knows I am a butcher lol who prefers to remove things rather than just disabling...).
It goes without saying that I had set up no blocks in my router against port 3389 (here I am referring to remote desktop'ing from within my LAN of course, not over the Internet).
So I discovered the hard way that I had to restore Windows Firewall components (even leaving them disabled is OK, what matters is that they are still in place).
[EDIT: errata corrige, it must ALSO be enabled, at least in order to enable Remote Desktop, then it can be disabled]

I must say it is quite counter-intuitive to me that Remote Desktop finds a port forbidden... WITHOUT the firewall !!!! Oh well :rolleyes:

PS. any guru out there knows if there are maybe some Registry tricks to let Remote Desktop work even without the Firewall component ??
 
1. W10/11 won't make it past OOBE without having the Windows Firewall Service installed. But you can remove Windows Firewall.
Code:
        <RemoveComponents AppRemovalMode="DISM">
                <c>firewall 'Windows Firewall'</c>
                <c>wfmmc 'Windows Firewall (management console)'</c>
                <c>wfmmc32 'Windows Firewall (management console) - 32 bit'</c>
        </RemoveComponents>

2. When you enable or disable RDP from the Settings app, it calls Windows Firewall to update the rule for default port 3389. Your real question becomes "how do I get RDP access without using Settings?"

Enabling RDP by changing the registry settings only works if RDP has been enabled several times previously.
Code:
reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0x00000000 /f
reg add "HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-TCP" /v UserAuthentication /t REG_DWORD /d 0x00000001 /f

I didn't touch any firewall settings, in order to RDP into the newly installed system.

 
Thank you Garlin. So it turns out one really cannot remove the Windows Firewall for RDP to work. Oh well, I will restore it.

Btw yes I can confirm, even here, there is no need to change anything in firewall config for RDP to work. On a fresh install with Firewall not removed, it is enough to enable RDP in the Settings.

Oh, sorry stupid question, just for my convenience (since I have already installed my ISO on a machine and configured it and I would avoid redoing everything from scratch if possible), you have an idea if I can restore the removed Firewall Service component 'live' ? In case I can't or it would be a mess I will rather reinstall of course, no prob. One simply never tests everything enough lol
 
UPDATE !
Actually, it turns out Remote Desktop IS WORKING even without Firewall and with the respective switch in Settings panel turned OFF !!!
It was enough to set the two reg values as you suggested:

Code:
reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0x00000000 /f
reg add "HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-TCP" /v UserAuthentication /t REG_DWORD /d 0x00000001 /f

On a fresh install without Firewall, setting the two above is enough for the machine to accept a working RDP session, even though the Settings switch remains off ! :)
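
Added example, not part of any post in this thread: since the Settings switch can read "off" while the two registry values above leave RDP accepting sessions, this PowerShell check reports the effective state from the registry and the listener instead. The `PortNumber` value and the service names `TermService` and `MpsSvc` are standard Windows names that the thread itself does not mention.

```powershell
# Added example: audit the effective RDP state, independent of the Settings toggle.
# Run in an elevated PowerShell session on the machine being checked.
$ts  = 'HKLM:\System\CurrentControlSet\Control\Terminal Server'
$rdp = Join-Path $ts 'WinStations\RDP-Tcp'

function Get-RegDword {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is missing (e.g. a removed component).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

$deny = Get-RegDword $ts  'fDenyTSConnections'   # 0 = RDP connections allowed
$nla  = Get-RegDword $rdp 'UserAuthentication'   # 1 = Network Level Authentication required
$port = Get-RegDword $rdp 'PortNumber'           # listener port, 3389 by default
if ($null -eq $port) { $port = 3389 }

# Is anything actually listening on the RDP port?
$listening = [bool](Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue)

# Both lookups return $null if the service was removed from the image.
$term = Get-Service -Name 'TermService' -ErrorAction SilentlyContinue
$fw   = Get-Service -Name 'MpsSvc'      -ErrorAction SilentlyContinue

$report = [pscustomobject]@{
    RdpAllowedByRegistry = ($deny -eq 0)
    NlaRequired          = ($nla -eq 1)
    Port                 = $port
    PortListening        = $listening
    TermService          = if ($term) { $term.Status } else { 'not installed' }
    FirewallService      = if ($fw)   { $fw.Status }   else { 'not installed' }
}
$report | Format-List

# Flag the configuration described in this thread: RDP on, no host firewall in front of it.
if ($report.RdpAllowedByRegistry -and $listening -and (-not $fw -or $fw.Status -ne 'Running')) {
    Write-Warning "RDP is listening on TCP $port with no running host firewall to filter it."
}
if ($report.RdpAllowedByRegistry -and -not $report.NlaRequired) {
    Write-Warning 'RDP is enabled without Network Level Authentication.'
}
```

With the firewall component removed, nothing on the host restricts which addresses can reach the listener, so any filtering has to come from the network in front of the machine.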
 
Oh, sorry stupid question, just for my convenience (since I have already installed my ISO on a machine and configured it and I would avoid redoing everything from scratch if possible), you have an idea if I can restore the removed Firewall Service component 'live' ? In case I can't or it would be a mess I will rather reinstall of course, no prob. One simply never tests everything enough lol
Licensed NTLite users can use Host refresh to restore any previously removed components. It's basically a repair reinstall on a live system.
Host Refresh and Install Updates wizards
 
I didn't know of that, thanks VM. But now that I have discovered the trick, I don't need it anymore... at least, NOT for this component ;)
 