RDP, WIN2003 and LnS

Discussion in 'LnS English Forum' started by connected3d, Nov 18, 2009.

Thread Status:
Not open for further replies.
  1. connected3d

    connected3d Registered Member

    Joined:
    Oct 4, 2009
    Posts:
    6
    I've loaded LnS on my SBS 2003 box. My problem is we are a few administrators that logon to the server using RDP. Each time we logon LnS is reloaded and the firewall rules in one RDP session (Terminal) is different to another RDP session blocking certain services again.

    Can I load LnS as a system service to avoid LnS loading everytime someone RDP. Also then to have only one packet filtering rule set for the server and also just one application config?

    Thanks
     
  2. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Under some conditions you could use 'Common to all users' on the Look 'n' Stop - 'Options' Tab/screen and under 'Registry keys'.


    Regards,
    Phant0m``
     
    Last edited: Nov 19, 2009
  3. connected3d

    connected3d Registered Member

    Joined:
    Oct 4, 2009
    Posts:
    6
    Thanks for the reply Phantom. I've set those settings but I seem to be picking up major inconsistensies between the main server screen (sitting at the server) and the various RDP sessions. It would seem that if you launch Look 'n Stop in one of the RDP sessions it loads it's own filtering rules again. Furthermore you cannot see the logs in Look 'n Stop at all from the RDP sessions.
     
  4. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    You can try to remove the Look 'n' Stop entry from this registry key:
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    And add it only for one user in:
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    Regards,

    Frederic
     
  5. connected3d

    connected3d Registered Member

    Joined:
    Oct 4, 2009
    Posts:
    6
    Hi Frederic

    Thanks for the reply. From what I gather is that Look 'n Stop does not check to see if there is an existing LnS running before launching another instance when connecting via RDP. Because if I RDP in to the server and would like to quickly mod a rule I can't because the currently launch RDP LnS is completely different from the LnS started using the service option. And if I quit the LnS launch in the RDP it closes all filtering including the LnS launched as a system service. Based on your suggestion, should we only enable it for one user who will it be? Because ideally we would like LnS to start as a service (like it is currently set due to the fact that we want LnS to startup independently from any user profile. This is due to the fact that it is a server and needs to start working the second the server boots).

    Ideally what would be great is if you can launch the LnS engine via a system service and then admin the "engine" using a console application (Frontend like it is now). Basically separate the actual management application from the actual filtering engine. This would mean that you can launch the engine via a system service and let it run independent from the actual management interface. Then you can RDP and just launch the management interface, update rules, check the logs etc. Same with the next RDP sessions.

    Thanks
    Quinton
     
  6. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Yes, unfortunately, you can't mix the two modes. Either it is started as a service, and you should have only one instance, and it is not possible to modify the rules from one RDP session, or you have one instance by logged user, and each user has its own options.
    Yes, I agree this would be the ideal design to support properly multiple sessions. It require a new design...

    Regards,

    Frederic
     
Thread Status:
Not open for further replies.