Remote Desktop Services and Windows Firewall

Applies To: Windows Server 2008 R2

The Windows Firewall is on by default in Windows Server 2008 and Windows Server 2008 R2. Windows Firewall helps control which programs or ports can be used to communicate between the Windows Server 2008 or Windows Server 2008 R2 server and other computers on the network or the Internet. To allow a program or port to communicate through Windows Firewall, an exception needs to be enabled.

If you enable Remote Desktop, Windows Firewall automatically enables the Remote Desktop exception.

When the RD Session Host role service is installed, Windows Firewall automatically enables the following exceptions:

  • Remote Desktop

  • Remote Desktop Services

If you install other Remote Desktop Services role services, Windows Firewall will automatically enable other exceptions. For example, when you install the RD Licensing role service, Windows Firewall enables the Remote Desktop Licensing Server exception.

When you uninstall (remove) a role service from the computer, Windows Firewall automatically removes the exception for that role service.

Important

When the RD Session Host role service is uninstalled (removed), only the Remote Desktop Services exception is removed. The Remote Desktop exception is not removed.

Use the following procedure to view Windows Firewall exceptions.

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure.

To view Windows Firewall exceptions

  1. Click Start, and then click Control Panel.

  2. Click System and Security, and then click Windows Firewall.

  3. Click Allow a program or feature through Windows Firewall.

  4. If the check box associated with the program or port listed is selected, the Windows Firewall exception for that program or port is enabled.

    Some programs only appear in the list when the role service is installed. For example, the Remote Desktop Licensing Server exception only appears in the list when the RD Licensing role service is installed on the computer.

To view more detailed information about Windows Firewall settings, use the Windows Firewall with Advanced Security snap-in.

Use the following procedure to use Windows Firewall with Advanced Security.

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure.

To use the Windows Firewall with Advanced Security snap-in

  1. Click Start, point to Administrative Tools, and then click Windows Firewall with Advanced Security.

  2. To view detailed information about Windows Firewall settings, click either of the following nodes in the left pane:

    • Inbound rules

    • Outbound rules

For more information about configuring Windows Firewall, see the Windows Firewall with Advanced Security Help in Windows Server 2008 R2.

For more information about Remote Desktop Services-specific Windows Firewall exceptions, see the Remote Desktop Services Technical Reference (https://go.microsoft.com/fwlink/?Linkid=138056).

Additional references