Information
The topic you requested is included in another documentation set. For convenience, it's displayed below. Choose Switch to see the topic in its original location.

How to: Manually Configure the Windows XP Firewall for Remote Debugging

This topic applies to:

Edition

Visual Basic

C#

C++

Web Developer

Express

Topic does not applyTopic does not applyTopic does not applyTopic does not apply

Standard

Topic does not applyTopic does not applyTopic does not applyTopic does not apply

Pro and Team

Topic appliesTopic appliesTopic appliesTopic applies

Table legend:

Topic applies

Applies

Topic does not apply

Does not apply

Topic applies but command hidden by default

Command or commands hidden by default.

On Windows XP SP2 platforms, remote debugging setup requires some additional steps to configure the Windows Firewall. These steps are performed automatically when you run the remote debugger for the first time. If manual setup is needed for any reason, follow the procedures in this section.

If the Windows Firewall is off, no firewall configuration is necessary.

If the Windows Firewall is on, some ports must be opened and permissions must be granted to Visual Studio and other executables involved in the remote debugging. The Windows Firewall must not be in Shielded mode.

Caution noteCaution:

Configuring the Windows Firewall to allow remote debugging could allow other users to gain remote access. You can restrict this remote access to computers on your local subnet, which will limit the security risk.

To configure the Visual Studio host computer

  1. In Control Panel,click Security Center.

  2. In the Windows Security Center, click Windows Firewall.

  3. In the Internet Connection Firewall window, click the Exceptions tab.

  4. Steps 6-9 open TCP port 135 (used by DCOM to communicate with remote computers).

  5. On the Exceptions tab, click the Add a Port button.

  6. In the Add Port dialog box, do the following:

    • For Port Number, type 135.

    • For Description, type a description (such as remote debugging DCOM).

    • Select TCP.

  7. (Optional) Limiting access to computers on your local subnet enhances security. You should do this unless you have to debug outside the local subnet.

    1. Click Change Scope.

    2. In the Change Scope dialog box, select My network (subnet) only.

    3. Click OK.

  8. Click OK to close the Add a Port dialog box.

  9. If your domain policy requires network communication to be done through IPSec, do this step. Otherwise, skip it.

    • Open UDP port 4500 (used for IP security) by repeating the prior step, substituting UDP for the Protocol, and 4500 for the Port Number.

    • Open UDP port 500 (used for IP security) the same way, substituting UDP for the Protocol, and 500 for the Port Number.

    Steps 11-16 add Devenv.exe (the Microsoft Visual Studio development environment) to the SP2 application security Exception list so that it can dynamically open ports at runtime.

  10. Click Add a program.

  11. In the Add program dialog box, click the Browse button.

  12. In the Browse dialog box, navigate to where devenv.exe is located (typically SystemDrive:\Program Files\Microsoft Visual Studio 8 Common7\IDE). Select devenv.exe.

  13. Click OK to close the Browse dialog box.

  14. (Optional) Limiting access to computers on your local subnet enhances security. You should do this unless you have to debug outside the local subnet.

    1. Click Change Scope.

    2. In the Change Scope dialog box, select My network (subnet) only.

    3. Click OK.

  15. Click OK to close the Add a program dialog box.

To configure the remote computer

  1. In Control Panel,click Security Center.

  2. In the Windows Security Center, click Windows Firewall.

  3. In the Internet Connection Firewall window, click the Exceptions tab.

    Steps 5-8 open the TCP 135 port, which is used by DCOM to communicate with remote computers.

  4. On the Exceptions tab, click the Add Port button

  5. In the Add Port dialog box, do the following:

    • For Port Number, type 135.

    • For Description, type a description (such as remote debugging DCOM).

    • Select TCP.

  6. (Optional) Limiting access to computers on your local subnet enhances security. You should do this unless you have to debug outside the local subnet.

    1. Click Change Scope.

    2. In the Change Scope dialog box, select My network (subnet) only.

    3. Click OK.

  7. Click OK to close the Add Port dialog box.

  8. If your domain policy requires network communication to be done through IPSec, do this step. Otherwise, skip it.

    • Open UDP port 4500 (used for IP security) by repeating the prior step, substituting UDP for the Protocol, and 4500 for the Port Number.

    • Open UDP port 500 (used for IP security) the same way, substituting UDP for the Protocol, and 500 for the Port Number.

    Steps 10-14 open ports necessary for file and print sharing.

  9. In the Programs and Services box, select File and Print Sharing.

  10. Click the Edit button.

  11. In the Edit a Service dialog box, select the following ports: TCP 139, TCP 445, UDP 137, and UDP 138.

  12. (Optional) Limiting access to computers on your local subnet enhances security. You should do this unless you have to debug outside the local subnet.

    1. Click Change Scope.

    2. In the Change Scope dialog box, select My network (subnet) only.

    3. Click OK.

  13. Click OK to close the Edit a Service dialog box.

    Steps 15-19 add msvsmon to the SP2 Exception list. This enables it to dynamically open ports at run time.

  14. Click the Add a Program button.

  15. In the Add a Program dialog box, click the Browse button.

  16. In the Browse dialog box, navigate to where Msvsmon.exe is located, which will be one of the following directories:

    Install path \Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86

    Install path \Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64

    Install path \Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\ia64

  17. (Optional) Limiting access to computers on your local subnet enhances security. You should do this unless you have to debug outside the local subnet.

    1. Click Change Scope.

    2. In the Change Scope dialog box, select My network (subnet) only.

    3. Click OK.

  18. Click OK to close the Add a program dialog box.

  19. Click OK to close Windows Firewall.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

Show:
© 2014 Microsoft