重置 windows 防火墙规则后与 RDP 断开连接

Question

I disabled the firewall for all the profiles in my windows vm. However, when I tried to enable the firewall back on by resetting it, I lost the connection to RDP and I am not able to connect with the VM again. Any idea on why that could have happened?

Answer 1

Your firewall is the security of your windows network. Once enabled it will strictly prohibit other ports that can enter your network and by disabling the firewall will allow the port to enter your network.

For this concern there is also a firewall in your GCP network which I think port 3389 for RDP is already open since you mentioned that once your firewall in windows is disable you can access RDP.

If you want to enable firewall and still can access RDP you can enable RDP from this link then here is a link where you can open a specific port, for example 3389 for RDP.

Answer 2

As what @derpirscher have explained about your firewall rule you should disable your firewall on the Windows VM to establish your connection via RDP.

Here's the steps for troubleshooting your connection to RDP.

Ensure the Windows instance is Online/Up.

Connect to the interactive serial console

How to connect to Serial port Console 2 (Interactive Mode)

1. In the GCP console, click the Navigation menu > then click Compute Engine
2. Click VM instances
3. In the Name column, click the name of the instance for which you want to Connect using Serial Console.
4. Click the EDIT button at the top of the page.
5. Tick the "Enable connecting to serial ports" under "Remote access".
6. Scroll down and click "Save"
7. Scroll up, click the dropdown arrow next to Connect to serial console, and select Serial port 2
8. At the SAC> prompt, run "cmd" to create a new channel. SAC returns the channel name, for example, Cmd001. (SAC - Special Administrative Console)
9. Run ch -sn [CHANNEL_NAME] and press any key to connect to the channel. For example:

SAC> cmd
The Command Prompt session was successfully launched.
SAC>
EVENT:   A new channel has been created.  Use "ch -?" for channel help.
Channel: Cmd0001
SAC> ch -sn cmd0001
Press any key to confirm connection to the channel.

10. Enter the username, domain, and password of the instance to connect.

Commands to use for troubleshooting

Check that your RDP service is listening (Default port 3389)

C:\Windows\system32>netstat -an | find "3389"

Check to see that the 'Remote Desktop Service' is running:

C:\Windows\system32>net start | find "Remote Desktop Services"

To stop windows RDP

The following services are dependent on the Remote Desktop Services service. Stopping the Remote Desktop Services service will also stop these services.

C:\Windows\system32>net stop "Remote Desktop Services"

Remote Desktop Services UserMode Port Redirector

Do you want to continue this operation? (Y/N) [N]: y
The Remote Desktop Services UserMode Port Redirector service is stopping.
The Remote Desktop Services UserMode Port Redirector service was stopped successfully.

The Remote Desktop Services service is stopping.
The Remote Desktop Services service was stopped successfully

To start windows RDP

C:\Windows\system32>net start "Remote Desktop Services"

The Remote Desktop Services service is starting.
The Remote Desktop Services service was started successfully.

The Remote Desktop Services service was started successfully.

To turn off windows firewall

C:\Windows\system32>netsh advfirewall set allprofiles state off

To turn on windows firewall

C:\Windows\system32>netsh advfirewall set allprofiles state on

To show windows firewall status

C:\Windows\system32>netsh advfirewall show allprofiles

You can also check this Troubleshooting RDP , Troubleshooting Windows VMs and Connect to the Windows SAC for reference.