Win2k Remote Desktop Question

[Darren]

I am trying to configure my router to allow only RD connections. Both
incoming and outgoing.
I open up port 3389 and outgoing RD connections work fine, but not incoming
on my Win2k Server.

After some playing I found that opening up ports 1590 - 1600 solved this. I
do not understand why nor can I find any documentation on this.

Looking at my Router log, it seems that one connection used 1591 and the
next used 1594. Very strange.

Any help would be appreciated.

 

[Pegasus \(MVP\)]

I am trying to configure my router to allow only RD connections. Both
incoming and outgoing.
I open up port 3389 and outgoing RD connections work fine, but not incoming
on my Win2k Server.

After some playing I found that opening up ports 1590 - 1600 solved this. I
do not understand why nor can I find any documentation on this.

Looking at my Router log, it seems that one connection used 1591 and the
next used 1594. Very strange.

Any help would be appreciated.

Maybe someone played with the Remote Desktop port number
on your Win2000 Server. It's set here:

HKLM\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\Por
tNumber

 

[Kurt]

You'll find that remote desktop initiates on port 3389 (by default) in both
directions, but that another port is negotiated for session traffic
(otherwise only one session would be possible) once the session is
initiated. (Capture a few packets in ethereal). I don't know what your
firewall is, but you need to allow outbound traffic to 3389 on any port and
inbound traffic to 3389 on any port. Sounds like you have hit the session
ports of 1590 - 1600 (I haven't verified these), which would let you narrow
it down to only those ports (1590-1600 -> 3389 and 3389 -> 1590-1600). I may
be wrong in saying you need to allow those ports out, but since RDP works
through a NAT router with no special configuration I assume that the port is
being opened from the inside (as required by most NAT router default
policies).

....kurt