Firewall - Windows 10, Windows 11

The following information shows how you can open port 3389 on a Windows installation. However, the Windows Firewall is sometimes controlled by anti-virus software or other security-related software, so the following information might not always be applicable.


Automatically

AADServer can create and maintain Windows Firewall rules.
This option is available for Windows 10 and newer, and Windows Server 2016 and newer.

In case the option for Windows Firewall is selected, AADS creates and maintains the following Firewall rules:


Manually

Preparation

Open the "Control Panel" in Windows 10/11, and select "Windows Firewall".

 

Enable the Windows Firewall.

Click on "Allow an app or feature through Windows Firewall".

De-select both "Remote Administration" and "Remote Desktop": both should not be selected.

Note: while you are viewing the Firewall settings of Windows 10/11, it is worth spending some time on the rules that Microsoft enables by default. These firewall rules were introduced with Windows 8 and carried over to Windows 10/11, and they focus on features you might neither need nor want on your AADS Terminal Server. For example, you might not want your users to be able to play games, or to download and install "content" for those games. It is therefore a good idea to review all rules like "Play to functionality" and disable them.

After de-selecting both "Remote Administration" and "Remote Desktop", click on OK.

 

Create Port Rule

Select "Advanced Settings"

 

First select "Inbound Rules", followed by "New Rule...".

 

Select "Port", and click on the "Next" button.

 

Enter the RDP port number of the AADS Terminal Server, and click on the "Next" button.

Select "Allow the connection", and click on the "Next" button.

 

Select Domain, Private and Public, and click on the "Next" button.

Note: the option "Domain" might only be visible if the AADServer is joined to a Domain, and might not be visible in the case of a stand-alone AADS Terminal Server.

 

Enter the name "AADS-RDP", and click on the "Finish" button.

 

There should now be an "Inbound Rule" with the name "AADS-RDP".

 

Change Port Rule


In this example, the RDP port number of the AADS Terminal Server has been changed to 12345. The same change must also be made in the Windows Firewall:

Select the rule AADS-RDP, select "Properties", and change the "Local port" number to 12345.


AADServer in a Farm

When this Server is used in an AADS Farm, it uses port 3390 for the Farm communication by default. The protocol is UDP:

First select "Inbound Rules", followed by clicking on "New Rule...".

 

Select "Port", and click on the "Next" button.

 

Select UDP and enter 3390, and click on the "Next" button.

 

Select "Allow the connection", and click on the "Next" button.

 

Select Domain, Private and Public, and click on the "Next" button.

 

Enter the name "AADS-FARM-UDP", and click on the "Finish" button.

 

There should now be an "Inbound Rule" with the name "AADS-FARM-UDP".

 

Additional Firewall Security for the Farm

In the example above, the broadcast address for the Farm is 192.168.200.255. This implies that the Farm is running on the network-scope/range 192.168.200.0/255.255.255.0

It is possible to limit the Firewall rule "AADS-FARM-UDP" to the network-scope/range 192.168.200.0/255.255.255.0, which is more secure:
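
The manual steps above, scripted with the built-in Windows NetSecurity cmdlets. This is an added example, not part of the original AADS documentation. It assumes an elevated PowerShell session, the example values used on this page (RDP port 12345, Farm port 3390/UDP, Farm range 192.168.200.0/255.255.255.0 written as 192.168.200.0/24), and a hypothetical helper name Set-AadsPortRule.

```powershell
# Added example (not AADS code). Run in an elevated PowerShell session.
# Values below are the examples used on this page; adjust them to your server.
$RdpPort    = 12345                 # RDP port configured in AADS
$FarmPort   = 3390                  # default Farm communication port (UDP)
$FarmSubnet = '192.168.200.0/24'    # same range as 192.168.200.0/255.255.255.0

# Hypothetical helper: create the inbound allow rule, or update it if it exists,
# so the script can be re-run after a port change ("Change Port Rule").
function Set-AadsPortRule {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][ValidateSet('TCP', 'UDP')][string]$Protocol,
        [Parameter(Mandatory)][ValidateRange(1, 65535)][int]$Port,
        [string]$RemoteAddress = 'Any'
    )
    $existing = Get-NetFirewallRule -DisplayName $Name -ErrorAction SilentlyContinue
    if ($existing) {
        Set-NetFirewallRule -DisplayName $Name -Protocol $Protocol `
            -LocalPort $Port -RemoteAddress $RemoteAddress -Enabled True
    } else {
        New-NetFirewallRule -DisplayName $Name -Direction Inbound -Action Allow `
            -Protocol $Protocol -LocalPort $Port -RemoteAddress $RemoteAddress `
            -Profile Domain, Private, Public | Out-Null
    }
}

# "Preparation": make sure the Windows Firewall is enabled on every profile.
Set-NetFirewallProfile -Profile Domain, Private, Public -Enabled True

# "Create Port Rule" / "Change Port Rule": RDP port of the AADS Terminal Server.
Set-AadsPortRule -Name 'AADS-RDP' -Protocol TCP -Port $RdpPort

# "AADServer in a Farm" plus "Additional Firewall Security for the Farm":
# only hosts inside the Farm range may reach the Farm port.
Set-AadsPortRule -Name 'AADS-FARM-UDP' -Protocol UDP -Port $FarmPort `
    -RemoteAddress $FarmSubnet

# Verify: list each AADS rule with its port and remote scope.
Get-NetFirewallRule -DisplayName 'AADS-*' | ForEach-Object {
    $port = $_ | Get-NetFirewallPortFilter
    $addr = $_ | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Name          = $_.DisplayName
        Enabled       = $_.Enabled
        Profile       = $_.Profile
        Protocol      = $port.Protocol
        LocalPort     = $port.LocalPort
        RemoteAddress = $addr.RemoteAddress
    }
} | Format-Table -AutoSize
```

In the verification table, AADS-FARM-UDP should show the Farm range as its RemoteAddress, while AADS-RDP shows Any.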


© 2012-2023 AADS WorldWide. Terminal Server | Application Server | Remote Desktop solutions | Firewall
