How to: Manually Configure the Windows 7 Firewall for Remote Debugging
This topic applies to:
Edition |
Visual Basic |
C# |
F# |
C++ |
Web Developer |
---|---|---|---|---|---|
Express |
|||||
Pro, Premium, and Ultimate |
Remote debugging setup requires some additional steps to configure the Windows Firewall. These steps are performed automatically when you run the remote debugger for the first time. If manual setup is needed for any reason, follow the procedures in this section. If the Windows Firewall is turned off, no firewall configuration is necessary.
If the Windows Firewall is turned on, some ports must be opened and permissions must be granted to Visual Studio and other executables involved in the remote debugging. The Windows Firewall must not be in Shielded mode.
Upozornění
Configuring the Windows Firewall to allow remote debugging could allow other users to gain remote access. You can restrict this remote access to computers on your local subnet, which will limit the security risk.
To manually configure the Visual Studio host computer
In Control Panel,click System and Security.
Click Windows Firewall.
Add an exception for TCP 135, which is the port that is used by DCOM to communicate with the remote computer.
In the Windows Firewall control panel, click Advanced Settings.
If the User Account Control dialog box appears, click Yes to continue.
The Windows Firewall with Advanced Security window opens.
Click Inbound Rules.
In the Actions pane, click New Rule.
The New Inbound Rule Wizard appears.
Under What type of rule would you like to create?, select Port, then click Next.
Select TCP and Specific local ports, then enter 135 in the Specific local ports box.
Click Next.
On the Action page, select Allow the Connection, then click Next.
On the Profile page, select the profiles where you want the rule to apply. Usually, you will want Domain and possibly Private, but not Public.
Click Next.
On the Name page, type a meaningful name, such as Remote Debugging DCOM, in the name box.
Click Finish.
If your domain policy requires network communication to take place through IPSec, perform this step. Otherwise, go to step 5.
Click New Rule.
The New Inbound Rule Wizard appears.
Under What type of rule would you like to create?, select Port, then click Next.
Select UDP and Specific local ports, then enter 4500 and 500 in the Specific local ports box.
Click Next.
On the Action page, select Allow the Connection, then click Next.
On the Profile page, select the same profiles that you selected in step 3.
Click Next.
On the Name page, type a name, such as Remote Debugging DCOM UDP, in the name box.
Click Finish.
Close the Windows Firewall with Advanced Security window.
In the Windows Firewall control panel, add an exception for the Visual Studio devenv.exe process.
Click Allow a program or feature through Windows Firewall.
Click Change Settings.
Click Allow another program.
In the Add a program dialog box, click Browse.
In the Browse dialog box, navigate to the devenv.exe location. The location is usually SystemDrive:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE.
Click OK to close the Browse dialog box.
Click OK to close the Add a program dialog box.
To manually configure the remote computer
In Control Panel,click System and Security.
Click Windows Firewall.
Add an exception for TCP 135, which is the port that is used by DCOM to communicate with the remote computer.
In the Windows Firewall control panel, click Advanced Settings.
If the User Account Control dialog box appears, click Yes to continue.
The Windows Firewall with Advanced Security window opens.
Click Inbound Rules.
In the Actions pane, click New Rule.
The New Inbound Rule Wizard appears.
Under What type of rule would you like to create?, select Port, then click Next.
Select TCP and Specific local ports, then enter 135 in the Specific local ports box.
Click Next.
On the Action page, select Allow the Connection, then click Next.
On the Profile page, select the profiles where you want the rule to apply. Usually, you will want Domain and possibly Private, but not Public.
Click Next.
On the Name page, type a meaningful name, such as Remote Debugging DCOM, in the name box.
Click Finish.
If your domain policy requires network communication to take place through IPSec, perform this step. Otherwise, go to step 5.
Click New Rule.
The New Inbound Rule Wizard appears.
Under What type of rule would you like to create?, select Port, then click Next.
Select UDP and Specific local ports, then enter 4500 and 500 in the Specific local ports box.
Click Next.
On the Action page, select Allow the Connection, then click Next.
On the Profile page, select the same profiles that you selected in step 3.
Click Next.
On the Name page, type a name, such as Remote Debugging DCOM UDP, in the name box.
Click Finish.
Add exceptions for TCP 139, TCP 445, UDP 137, and UDP 138, which are the ports that are used by DCOM to communicate with the remote computer.
Click New Rule.
The New Inbound Rule Wizard appears.
Under What type of rule would you like to create?, select Port, then click Next.
Select TCP and Specific local ports, then enter 139, 445 in the Specific local ports box.
Click Next.
On the Action page, select Allow the Connection, then click Next.
On the Profile page, select the same profiles that you selected in step 3.
Click Next.
On the Name page, type a name, such as Remote Debugging File and Printer Sharing TCP, in the name box.
Click Finish.
Click New Rule again.
The New Inbound Rule Wizard appears.
Under What type of rule would you like to create?, select Port, then click Next.
Select UDP and Specific local ports, then enter 137, 138 in the Specific local ports box.
Click Next.
On the Action page, select Allow the Connection, then click Next.
On the Profile page, select the same profiles that you selected in step 3.
Click Next.
On the Name page, type a name, such as Remote Debugging File and Printer Sharing UDP, in the name box.
Click Finish.
Close the Windows Firewall with Advanced Security window.
In the Windows Firewall control panel, add an exception for the Visual Studio msvcmon.exe process.
Click Allow a program or feature through Windows Firewall.
Click Change Settings.
Click Allow another program.
In the Add a program dialog box, click Browse.
In the Browse dialog box, navigate to the devenv.exe location. The location is usually SystemDrive:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE.
Click OK to close the Browse dialog box.
Click OK to close the Add a program dialog box.