My RDP was locked

0

While I was building a defense system against brute-force attacks and DDoS, I accidentally excluded RDP from the firewall while changing the RDP port, so I am unable to access RDP. You will need to allow RDP again in your firewall. What should I do? It's Lightsail.

asked 9 days ago, 109 views
2 Answers
6

To regain access to RDP on Lightsail after accidentally excluding it from the firewall while changing the port, follow these steps:

1. Access Lightsail Console: Log in to the AWS Management Console and navigate to the Lightsail service.

2. Select Instance: Choose the Lightsail instance associated with the RDP access issue.

3. Connect via RDP: Access the instance via Remote Desktop Protocol (RDP) using the RDP client available on your local machine.

4. Edit Firewall Rules: Once connected to the instance via SSH, modify the firewall settings to allow RDP traffic. Use a text editor (such as nano or vi) to edit the firewall rules configuration file. Ensure that the rule allowing RDP traffic is correctly configured and enabled.

5. Restart Firewall Service: After saving the changes to the firewall rules configuration file, restart the firewall service to apply the new settings.

6. Verify Access: Confirm that RDP access has been restored by attempting to connect to the instance using the RDP client and the configured port.

7. Test Connectivity: Ensure that the instance is accessible via RDP from your local machine without any issues.

8. Review Security Configuration: Review the security configuration to prevent similar incidents in the future. Consider implementing best practices for managing firewall rules and changing port configurations securely. Refer to this document for PowerShell commands: https://learn.microsoft.com/en-us/windows/security/operating-system-security/network-security/windows-firewall/configure-with-command-line?tabs=powershell

By following these steps, you should be able to restore RDP access to your Lightsail instance after accidentally excluding it from the firewall.

answered 9 days ago
  • When RDP's been blocked, this step ("Connect via SSH: Access the instance via SSH using the browser-based SSH client available in the Lightsail console.") won't work.

    Also, that step should say RDP in place of SSH for a Windows instance.

1
Accepted Answer

Hi,

I am assuming you mean windows firewall and not Lightsail instance firewall (open ports on the instance's networking tab in Lightsail console)?

If so, you can create a new instance from a snapshot of your current instance while injecting some powershell commands into the new instance's launch script to re-open the RDP port in the Windows firewall.

For inspiration, please refer to this post - https://repost.aws/questions/QUytlu4EZgTjuiKhWPF_IE4w/change-rdp-port-in-lightsail-server-and-now-no-connection#ANQeMAvGfPS429t30QkT5RqQ

PowerShell commands for the Windows firewall are here - https://learn.microsoft.com/en-us/windows/security/operating-system-security/network-security/windows-firewall/configure-with-command-line?tabs=powershell

Thanks.

AWS EXPERT
AWS-SUM
answered 9 days ago
EXPERT
reviewed 9 days ago
  • I think I changed the port from 3389 to 3712; how can I change this back to the original?

  • To change the port value to default 3389, there are example commands in that same post here - https://repost.aws/questions/QUytlu4EZgTjuiKhWPF_IE4w/change-rdp-port-in-lightsail-server-and-now-no-connection#ANfPxI0oWDT3eJaEh3lUKuzw

    <powershell>
    # Launch-script fragment: reset the RDP listener port to the default 3389
    # (the change takes effect once TermService restarts or the instance reboots)
    Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" -Name PortNumber -Value 3389
    </powershell>
    <persist>true</persist>
    
  • Can you help me on Discord?

  • No Sorry, I am not on discord. I see your third post here https://repost.aws/questions/QUsrFkHi7YQbCz4vZRiZctUg/my-rdp-was-locked-by-firewall, but will need some time to test out your steps and exact commands needed. If I manage to figure them out, I will post back.

  • This should be it.


    <powershell>
    # Port the RDP listener should use (3389 is the default)
    $portvalue = 3389

    # Point the RDP-Tcp listener at that port
    Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value $portvalue

    # 0 = allow Remote Desktop connections (1 would deny them)
    Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0

    # Enable the built-in Windows Firewall rules for Remote Desktop (these cover port 3389)
    Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

    # Restart the Remote Desktop service so the new port takes effect without a reboot
    Restart-Service -Name TermService -Force
    </powershell>
    <persist>true</persist>
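The recovery path the accepted answer describes (new instance from a snapshot, PowerShell injected through the launch script), as an added example that is not code from the original thread: a complete launch script for a Windows Lightsail instance that restores RDP on a chosen port, opens that port in the Windows firewall, restarts the listener service so the port takes effect on the first boot, and logs what it did. It generalizes the snippets above to a non-default port (3712, the port the asker mentioned), because the built-in "Remote Desktop" rule group only covers 3389. The $RdpPort value, the rule name and the log path are assumptions.

```powershell
<powershell>
# Added example (not from the original answer): launch script for a Lightsail Windows
# instance created from a snapshot. Restores RDP on $RdpPort and opens that port in the
# Windows firewall. $RdpPort, the rule name and $LogFile are assumptions; use 3389 to go
# back to the default port.
$RdpPort = 3712
$LogFile = 'C:\ProgramData\rdp-recovery.log'

function Write-Log($Message) {
    "$(Get-Date -Format o) $Message" | Out-File -FilePath $LogFile -Append
}

try {
    # 1. Point the RDP-Tcp listener at the chosen port.
    $wsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    Set-ItemProperty -Path $wsKey -Name 'PortNumber' -Value $RdpPort -Type DWord
    Write-Log "PortNumber set to $RdpPort"

    # 2. Make sure Remote Desktop connections are not denied (0 = allow).
    Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' `
        -Name 'fDenyTSConnections' -Value 0 -Type DWord
    Write-Log 'fDenyTSConnections set to 0'

    # 3. Firewall: the built-in "Remote Desktop" group only allows 3389, so add an
    #    explicit inbound rule for the chosen port. Idempotent: skip if it already exists,
    #    since <persist>true</persist> runs this script on every boot.
    $ruleName = "RDP-Recovery-TCP-$RdpPort"
    if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
            -LocalPort $RdpPort -Action Allow -Profile Any | Out-Null
        Write-Log "Created firewall rule $ruleName"
    }
    if ($RdpPort -eq 3389) {
        # Back on the default port: the stock rule group is enough.
        Enable-NetFirewallRule -DisplayGroup 'Remote Desktop'
        Write-Log 'Enabled built-in Remote Desktop rule group'
    }

    # 4. The listener only reads PortNumber at service start, so restart it now
    #    instead of waiting for a reboot.
    Restart-Service -Name TermService -Force
    Write-Log 'TermService restarted'

    # 5. Record whether something is actually listening on the port, so a failed
    #    recovery can be diagnosed from the log on the next attempt.
    $listening = Get-NetTCPConnection -State Listen -LocalPort $RdpPort -ErrorAction SilentlyContinue
    Write-Log ("Listener bound on TCP {0}: {1}" -f $RdpPort, [bool]$listening)
}
catch {
    Write-Log "FAILED: $_"
}
</powershell>
<persist>true</persist>
```

Paste the whole block, tags included, into the launch script field when creating the instance from the snapshot (or pass it as user data with `aws lightsail create-instances-from-snapshot --user-data`). Two things the script cannot do for you: the same port must also be open on the Lightsail instance firewall (the Networking tab in the console), which is the other firewall the accepted answer asks about, and because `<persist>true</persist>` re-runs the script on every boot, remove the launch script or the rule once you are back in so the recovery path does not stay around as a permanent, unmanaged opening.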
    
