My RDP was locked by the firewall

0

While I was building a defense system against brute force attacks and DDoS, I accidentally excluded RDP from the firewall while changing the RDP port, so I am unable to access RDP. You will need to allow RDP again in your firewall. What should I do? It's Lightsail.

I had changed HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp PortNumber and HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal PortNumber. I changed these port numbers from 3389 to 3712, and I turned off "allow remote desktop firewall", and my connection was disconnected.

I want to change everything related to RDP back to the original.

Please write the content I should insert into the snapshot's script.

asked 9 days ago, 149 views
2 Answers
2

Here's the content you should insert into the .reg file to set the RDP port back to the original value (3389):

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
"PortNumber"=dword:00000d3d


Follow these steps:

1. Open Notepad or any text editor.

2. Copy the above content and paste it into the text editor.

3. Save the file with a .reg extension, for example, rdp_port_original.reg.

4. Transfer this .reg file to your Windows instance.

5. Double-click on the .reg file to import it into the Windows registry. You may be prompted to confirm the action.

After importing the .reg file, the RDP port should be set back to the default value (3389). Then, you can re-enable the Windows Firewall rule for Remote Desktop using the steps I mentioned earlier:

netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes

Run this command in Command Prompt to enable the Remote Desktop firewall rule.

Once you've completed these steps, you should be able to access RDP on the default port (3389) again.

answered 9 days ago
0

Hi,

I responded on your original post here. But posting here too for the community.

The PowerShell commands to reset those changes should be as follows:

(I did not find any property named HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal, hence there's no line related to that in the below commands)

<powershell>
$portvalue = 3389

Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value $portvalue

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0

Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
</powershell>
<persist>true</persist>

You would add this to the launch-script while creating a new instance from the snapshot of your locked-out instance.

The password for this new instance will be the same as that of your old instance (but will not be accessible to Lightsail for the browser-based RDP client because the snapshot was created without Windows Sysprep, so you will need to enter it manually). If you have NOT customized the password, please make sure to note the default password of the original instance before deleting it.

Thanks.

AWS
EXPERT
AWS-SUM
answered 9 days ago
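
A check to run once RDP access is back, as an added example that is not part of either answer: the function name `Test-RdpRestored` is hypothetical, and it assumes an English-language Windows where the firewall group is named "Remote Desktop". It reads back each setting the answers change and also checks the live listener, because a changed PortNumber only takes effect after the Remote Desktop Services service (TermService) restarts or the instance reboots.

```powershell
# Added example: verifies the RDP state that the .reg file / launch script above restores.
# Run in an elevated PowerShell session on the Windows instance.
function Test-RdpRestored {   # hypothetical helper name, not from the original answers
    param([int]$ExpectedPort = 3389)

    $tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $rdpKey = "$tsKey\WinStations\RDP-Tcp"

    # Values written by the answers' commands
    $port = (Get-ItemProperty -Path $rdpKey -Name 'PortNumber').PortNumber
    $deny = (Get-ItemProperty -Path $tsKey -Name 'fDenyTSConnections').fDenyTSConnections

    # Inbound rules of the built-in group: at least one must exist and none may be disabled
    $rules = @(Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
        Where-Object Direction -eq 'Inbound')
    $rulesOk = ($rules.Count -gt 0) -and
               (@($rules | Where-Object { $_.Enabled -ne 'True' }).Count -eq 0)

    # The registry value alone is not enough: the service must be running and
    # actually listening on the expected port (stale until TermService restarts).
    $serviceUp = (Get-Service -Name 'TermService').Status -eq 'Running'
    $listening = @(Get-NetTCPConnection -LocalPort $ExpectedPort -State Listen `
        -ErrorAction SilentlyContinue).Count -gt 0

    $checks = [ordered]@{
        "Registry PortNumber is $ExpectedPort"       = ($port -eq $ExpectedPort)
        'fDenyTSConnections is 0 (RDP allowed)'      = ($deny -eq 0)
        'Inbound "Remote Desktop" rules are enabled' = $rulesOk
        'TermService is running'                     = $serviceUp
        "Listener present on TCP $ExpectedPort"      = $listening
    }

    # One object per check so the result can be filtered or logged
    $checks.GetEnumerator() | ForEach-Object {
        [pscustomobject]@{ Check = $_.Key; Pass = [bool]$_.Value }
    }
}

Test-RdpRestored | Format-Table -AutoSize
```

The Lightsail instance firewall on the Networking tab is a separate layer from Windows Firewall and must also allow TCP 3389.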
