
Win 7 Firewall, VPN, and Offer Remote Assistance


irbk

MIS
Oct 20, 2004
578
US
We are in the process of starting to roll out Windows 7. We are a small IT shop of 2, supporting about 150 users all across the US. Needless to say, most of our work is done remotely. When we need to log onto a user's computer as ourselves, we have used Remote Desktop with great success. When we needed to be logged on as the user, we used Netmeeting. As you know, Microsoft took Netmeeting out of the OS in Vista. We had a minimal deployment of Vista, so it never really affected us. However, with Windows 7 we are actually rolling out Win 7 systems to the users.

We are still working to resolve the issues with Windows 7 Offer Remote Assistance and the secure desktop prompt to allow a remote user to respond to UAC requests (making, in my opinion, the secure desktop useless, as my remote users do not have admin rights, nor do I want them to know the local admin password). I've got a group policy in place to stop that from happening, but it only seems to work on computers that have the administration tools installed, for some reason. Anyway, that's not the point of this post.

Last week we were experimenting with Offer Remote Assistance through our VPN connection. Before the VPN was tested, we made sure that Offer Remote Assistance worked locally (which it did). However, once the test box left our local network and connected to VPN, there was something that was blocking the Offer Remote Assistance connection. It had something to do with the firewall on the Win 7 box, because when we disabled the firewall completely on the Win 7 box, Offer Remote Assistance connected without a glitch. I went through the firewall settings and for the life of me could not figure out what in the firewall settings would block the Offer Remote Assistance, but only when it's on the VPN. I'm hoping someone else may have run across this problem and have a solution.

Thanks in advance!
 
Is the VPN using the "Public Profile" settings when before it was on a "private profile" while you tested?

Remote Assistance and Windows Firewall

Windows Firewall with Advanced Security Getting Started Guide

Understanding Firewall Profiles
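
The profile question above can be answered from the firewall's own text output. This is an added example, not code from any poster in this thread: the field labels are the ones `netsh advfirewall` prints, while the sample text and the `ConvertFrom-NetshRule` helper name are constructed for illustration.

```powershell
# Added example (PowerShell 2.0 compatible, as shipped with Windows 7).
# Both samples are CONSTRUCTED and abridged, not output from the poster's machine.
# On a live system use instead:
#   $profileText = netsh advfirewall show currentprofile
#   $ruleText    = netsh advfirewall firewall show rule name=all
$profileText = @('Public Profile Settings:', 'State                                 ON')
$ruleText = @'
Rule Name:                            Remote Assistance (DCOM-In)
Enabled:                              Yes
Direction:                            In
Profiles:                             Domain
Grouping:                             Remote Assistance
LocalPort:                            135

Rule Name:                            Remote Assistance (TCP-In)
Enabled:                              Yes
Direction:                            In
Profiles:                             Domain,Private
Grouping:                             Remote Assistance
LocalPort:                            Any
'@ -split "`r?`n"

# Turn each "Rule Name:" section of the netsh text into a hashtable of its fields.
function ConvertFrom-NetshRule([string[]]$Lines) {
    $cur = $null
    foreach ($line in $Lines) {
        if ($line -match '^Rule Name:\s+(.+)$') {
            if ($cur) { $cur }                      # emit the previous rule
            $cur = @{ Name = $matches[1].Trim() }
        } elseif ($cur -and $line -match '^([A-Za-z ]+):\s+(.*)$') {
            $cur[$matches[1].Trim()] = $matches[2].Trim()
        }
    }
    if ($cur) { $cur }                              # emit the last rule
}

# Profiles reported as active right now (Windows 7 can list more than one).
$active = @($profileText | Where-Object { $_ -match '^(Domain|Private|Public) Profile Settings:' } |
    ForEach-Object { $_ -replace ' Profile Settings:.*$', '' })

# For each inbound Remote Assistance rule, list the active profiles it does not cover.
$report = foreach ($r in (ConvertFrom-NetshRule $ruleText)) {
    if ($r['Grouping'] -ne 'Remote Assistance' -or $r['Direction'] -ne 'In') { continue }
    $ruleProfiles = $r['Profiles'] -split ','
    $missing = @($active | Where-Object { $ruleProfiles -notcontains $_ })
    New-Object PSObject -Property @{ Rule = $r['Name']; Enabled = $r['Enabled']
        Profiles = $r['Profiles']; NotAllowedOn = ($missing -join ',') }
}
$report | Format-Table Rule, Enabled, Profiles, NotAllowedOn -AutoSize
```

A rule with a non-empty `NotAllowedOn` column is not scoped to a profile that is currently active, which is the condition the profile question is probing.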
 

@lemon13 - It's not the VPN firewall. The system could connect to the VPN fine. It was something on the system's firewall. We looked at the firewall with advanced security, went through all the remote assistance and the remote desktop firewall settings, and made sure that they were allowed, regardless of the remote address, and made sure they were all set for the same profile (this includes ports 3389 and 135). All the settings were correct. As for crossloop, my company is too cheap. They would rather me spend hours trying to figure this out than $100/year for us 2 technicians to have a "simple" solution.
@linney - We checked that, it didn't seem to make a difference.
Connected to the network as a "home" network, then deleted the network and connected to it as a "work" network, same issues.

I'm really rather frustrated at some of the decisions MS made with Remote Desktop. It seems like this is one program where trying to work around the security makes it just not worth the hassle. I miss netmeeting already ;-)
 
Why don't you use a third party tool like Logmein?

It's free, quick, and no need for firewall configuration. It's also highly secure. We use it for around 800 odd PCs.
 
We use a form of VNC when all else fails. It's a pain because only one of us at a time can use it, and you really can't change the rights of the logged on user. I know I've looked at logmein, isn't that only "Free" for personal use?
 
Sure, what is your cost per hour? Ask them!
Bad managers ;-)

M. Knorr

MCSE, MCTS, MCSA, CCNA
 
@linney - Got nothing to do with the VPN. VPN works fine. It's something with the firewall on the remote system that blocks it because when I turn off the firewall on the remote system, it works.
@Lemon13 - They don't care. They would rather me spend hours working on it only to come to some kind of 1/2 hearted solution that is a horrible compromise.

Yes, Bad Managers, no biscuit.
 
I've looked at that silly sample chapter about a dozen times. All it tells me is that the settings that I have set should work.
As for the 2nd link, Just a cursory glance at it but it looks like that's got to do with initiating it over an IM request, which we don't use.

As for logmein, I'll have to take another look at it. I know I looked at it before and for some reason decided that it would not work for us. However, I don't remember what that reason is now.
 
irbk said:
I know I've looked at logmein, isn't that only "Free" for personal use?
That is correct. LogMeIn is free for personal use only. You can download a free trial of a business version but you'd be in violation of the EULA if you used the free edition for business use.

Hope this helps.

Please help us help you. Read Tek-Tips posting policies before posting.

Canadian members check out Tek-Tips in Canada for socializing, networking, and anything non-technical.
 
Ahh, that could be why I decided it wasn't for us. Before I started, my company got in trouble with the BSA and had to write a big fat check. So we are now very methodical about making sure to stick to EULAs.
 
I've used Zolved a little myself, and can vouch that it DOES work. However, I was reading this thread hoping to find another free alternative that works faster. There's one out now (apparently) by Google called Gbridge which sounds so far like it's a dream come true for this sort of thing. It's 100% free, and it does everything, or practically everything. It even allows you to connect via a VNC method or a WRD method. I've not tried it yet myself, but am planning to sometime within the next 2 to 3 weeks at absolute latest.

My problem with Zolved is that the connection sometimes was finicky, and would disconnect for no reason. Also, it was rather slow - though I think that may just be the way it is, and it may depend upon the user's connection. For instance, the worst connection I had was with a person's computer who has their DSL internet through a small local phone company... at least I think they're small. Regardless, the home is "out in the boonies", so there's no telling, really. [smile] I'm thinking of getting that person to test using OpenDNS for their DNS settings in their router just to see if it gives us any better results, but I think it's just a slow connection for now. It was even slow if I had the visual settings on my end (seeing their desktop) set to black and white, and turning off anything unnecessary. Even if I didn't take control (it's an option in Zolved), the connection was still painfully slow. I tried the same thing with my brother on a somewhat faster connection, I think, and the speed was a little better, but I can't be for sure. He tried to load up a video game as a test for performance, and we had to just kill the connection. [wink]

But I can attest that Zolved DOES work. And the connection may depend upon the internet connections at both ends, I've no idea... and it may depend upon traffic, I also don't have a way to test for that. I can also attest that it's REALLY easy on the client PC end. I had the other person download the small file, run it, and give me the necessary code, and we got some things done I thought were NEVER going to happen. [smile]

Regardless, it is slow, and I'm looking for a faster (but still free, or at least cheap) solution. Most solutions I found were doggone expensive!

--

"If to err is human, then I must be some kind of human!" -Me
 