Does anyone know the appropriate firewall rules to allow RD License Server access?

    Question

  • The KBs I have seen on this are not clear, as they talk about randomly generated port numbers, etc. (which we are not about to put in a firewall). This is for someone who has actually had to make firewall rules to allow a 2008 Terminal Server to see a 2008 RD License server on a remote subnet: what ports, and in what directions?

    Thanks,

    D

    Friday, July 30, 2010 6:34 PM

Answers

  • Hi DaveyBoy,

     

    Terminal Server Licensing uses Remote Procedure Call (RPC) over port 135, and a dynamically assigned port above 1024. To enhance security, you can control which ports RPC is using so that your firewall router can be configured to forward traffic only to these Transmission Control Protocol (TCP) ports. For information, see How to configure RPC dynamic port allocation to work with firewalls (http://go.microsoft.com/fwlink/?LinkId=48218) on the Microsoft Web site.

     

    Wilson Jia

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com


    This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by Wilson Jia Wednesday, August 04, 2010 8:18 AM
    Monday, August 02, 2010 6:35 AM
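
The RPC port restriction that the answer above points to, as an added example that is not part of the original thread: it pins the license server's RPC dynamic ports through the `HKLM\SOFTWARE\Microsoft\Rpc\Internet` values from Microsoft's RPC dynamic port allocation article, then checks from the Terminal Server which ports the firewall actually passes. Assumptions: the range `5000-5100` and the host name `rdls01.example.test` are constructed placeholders, and the Terminal Server is the side that initiates the TCP connections, so the firewall rule is Terminal Server to license server on TCP 135 plus the fixed range.

```powershell
# Added example (not from the thread). PowerShell 2.0 compatible.
# Assumptions: the port range and host name defaults are constructed placeholders.
param([ValidateSet('LicenseServer','TerminalServer')][string]$Role = 'TerminalServer',
      [string]$Range = '5000-5100',
      [string]$LicenseServer = 'rdls01.example.test')

function Set-RpcPortRange([string]$Range) {
    if ($Range -notmatch '^(\d{4,5})-(\d{4,5})$') { throw 'Range must look like 5000-5100' }
    $low = [int]$Matches[1]; $high = [int]$Matches[2]
    if ($low -le 1024 -or $high -gt 65535 -or $low -gt $high) {
        throw 'Range must be ascending, above 1024 and at most 65535'
    }
    $key = 'HKLM:\SOFTWARE\Microsoft\Rpc\Internet'
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    # Ports is REG_MULTI_SZ; the two switches are REG_SZ "Y".
    New-ItemProperty $key -Name Ports -PropertyType MultiString -Value @($Range) -Force | Out-Null
    foreach ($name in 'PortsInternetAvailable', 'UseInternetPorts') {
        New-ItemProperty $key -Name $name -PropertyType String -Value 'Y' -Force | Out-Null
    }
    "RPC dynamic ports limited to $Range; restart the server for this to take effect."
}

function Test-TcpPort([string]$ComputerName, [int]$Port, [int]$TimeoutMs = 1000) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return 'Filtered' }
        $client.EndConnect($pending)
        return 'Open'
    } catch {
        $base = $_.Exception.GetBaseException()
        if ($base -is [System.Net.Sockets.SocketException] -and
            $base.SocketErrorCode -eq 'ConnectionRefused') { return 'Refused' }
        return 'Error'
    } finally { $client.Close() }
}

if ($Role -eq 'LicenseServer') {
    Set-RpcPortRange $Range          # run elevated on the RD License Server
} else {
    $low, $high = $Range -split '-' | ForEach-Object { [int]$_ }
    # Refused = the firewall passes the port but nothing listens; Filtered = no answer in time.
    @(135) + ($low..$high) | ForEach-Object {
        New-Object PSObject -Property @{ Port = $_; State = Test-TcpPort $LicenseServer $_ }
    } | Group-Object State |
        Select-Object Name, Count, @{ n = 'Ports'; e = { $_.Group | ForEach-Object { $_.Port } } }
}
```

The registry setting applies to every RPC service on the license server, not only licensing, so size the range for everything that machine hosts. In the check, a port in the range that reports Filtered points at a firewall rule that is still missing, while Refused only means no RPC endpoint is currently bound there.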

All replies

  • Please use the command:

    netsh advfirewall firewall set rule group="Remote Desktop Licensing Server" new enable=Yes

    Thanks

    Silvia

    Remote Desktop Services Team Blog: http://blogs.msdn.com/b/rds

    Friday, July 30, 2010 7:44 PM
    Moderator
  • Thanks Silvia. 

    I actually need to know what ports, and in what direction(s); we don't use Windows Firewall. I would like to hear from someone who has created specific firewall rules to enable use of a Remote Desktop Licensing Server in a remote (and firewalled) subnet and VLAN to the Terminal Server that will need to access the licensing server. As I said, the KBs I have seen on this are not clear, as they talk about randomly generated port numbers, etc. (which we are not about to put in a firewall); nor do they specify traffic direction.

     

    Thanks again.

    Friday, July 30, 2010 8:41 PM
  • Thanks Wilson.
    Tuesday, August 03, 2010 4:08 PM