How do you configure the firewall for remote functions?

If you want to use the remote access features of AIDA64 Business, you must make sure that the software can communicate through the local firewalls. In practice, when AIDA64 starts for the first time, two Windows Firewall pop-ups appear on the client computers asking for permission to create the corresponding firewall rule, which can confuse less experienced users. For security reasons, most users will probably choose "Don't allow", which blocks the remote access features of AIDA64.

Accordingly, it is not recommended to let users make the choice here, if they have the rights to perform such operations at all. Educating users about these firewall settings can be difficult and costly, and we would also like to avoid visiting each client computer one by one, so the most practical solution is to set up our server so that it deploys the proper firewall settings to every computer in the domain as they log on.

If we only have Windows XP SP2 or newer systems in our domain

We need to configure our server in such a way that all computers in the domain receive the necessary firewall settings. On the server, open the context menu of an existing GPO (or create a new one), click Edit, and navigate to Computer Configuration | Policies | Administrative Templates | Network | Network Connections | Windows Firewall | Domain Profile. Find “Windows Firewall: Define inbound program exceptions” and click Enabled. Click Show, add the following two paths, and finally link the GPO to the organizational unit in which our computers are grouped:



Note that this solution works only on Windows XP SP2 or later!

If we only have Vista or newer systems in our domain

Log in to one client computer in the domain as an administrator and run AIDA64 Business over the network. Select “Accept Incoming Remote Connections”, then add “aida64.exe” and “aida_rcs.dll” to the firewall exceptions. Open “Windows Firewall with Advanced Security” under Control Panel \ System and Security \ Windows Firewall \ Advanced Settings, then select Export Policy from the right panel and save the .wfw file to the server. In the context menu of the server's existing GPO (or a newly created one), click Edit and navigate to Computer Configuration | Policies | Windows Settings | Security Settings | Windows Firewall with Advanced Security | Windows Firewall with Advanced Security, right-click, select “Import Policy” and then select the exported file. This way, the firewall rules are added to the GPO and will be applied to all clients. Finally, link our GPO to the OU in which our computers are grouped.

Adding the firewall exceptions manually

If we have configured each client manually to run AIDA64 Business, as a final step we need to allow the software to pass through the firewall. We can do this by clicking “Allow” on the two pop-up notifications that Windows Firewall displays when the program is launched for the first time on each client.

The process can also be automated by running the BAT script file below, which adds the required exceptions to Windows Firewall.

If AIDA64 is launched from the server, for example:

netsh firewall add allowedprogram \\SRVR2012\Shares\AIDA64Business\aida64.exe aida64.exe enable

netsh firewall add allowedprogram \\SRVR2012\Shares\AIDA64Business\aida_rcs.dll aida_rcs.dll enable

If AIDA64 is launched from the local PC, for example:

netsh firewall add allowedprogram C:\AIDA64Business\aida64.exe aida64.exe enable

netsh firewall add allowedprogram C:\AIDA64Business\aida_rcs.dll aida_rcs.dll enable
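
The netsh firewall context used above is deprecated on Windows Vista and later. The following is an added example, not part of the original article or of AIDA64's own tooling, that creates the same two exceptions with the NetSecurity cmdlets (Windows 8 / Server 2012 or later) and limits them to the domain profile and one management subnet. The install path is the local one shown above; the subnet and the rule names are assumptions to be replaced.

```powershell
#Requires -RunAsAdministrator
# Added example: scoped inbound exceptions for the two AIDA64 files named on this page.
# Assumptions (not from the page): management subnet, rule display names.

$InstallDir  = 'C:\AIDA64Business'            # local-install path used on this page
$AdminSubnet = '192.0.2.0/24'                 # placeholder: your management subnet
$Programs    = 'aida64.exe', 'aida_rcs.dll'   # the two exceptions the page lists

foreach ($file in $Programs) {
    $path = Join-Path $InstallDir $file
    $name = "AIDA64 Business remote ($file)"  # constructed rule name

    # Do not create an allow rule for a binary that is not actually there.
    if (-not (Test-Path -LiteralPath $path)) {
        Write-Warning "Skipping ${file}: not found at $path"
        continue
    }

    # Remove an earlier copy so re-running the script does not stack duplicates.
    Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue |
        Remove-NetFirewallRule

    $rule = @{
        DisplayName   = $name
        Direction     = 'Inbound'
        Action        = 'Allow'
        Program       = $path
        Profile       = 'Domain'       # no exception on Private or Public networks
        RemoteAddress = $AdminSubnet   # only the admin hosts may connect
    }
    New-NetFirewallRule @rule | Out-Null
}

# Verify: show each created rule with its profile, program and remote scope.
Get-NetFirewallRule -DisplayName 'AIDA64 Business remote*' | ForEach-Object {
    [pscustomobject]@{
        Rule    = $_.DisplayName
        Profile = $_.Profile
        Program = ($_ | Get-NetFirewallApplicationFilter).Program
        Remote  = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
    }
}
```

Unlike an unscoped allowed-program entry, these rules stop matching as soon as a laptop leaves the domain network, and they ignore connections from outside the listed subnet.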