The Delivery Controller also has communication traffic with the SQL server (s). first appeared on [], https://support.citrix.com/article/CTX101810#Provisioning%20Services, XenDesktop 7.X Issues and troubleshooting, Channel partners key to enabling flexibility, enhancing employee experience. Microsoft Group Policy for Remote Assistance must be configured as well:Enable Computer Configuration > Administrative Templates > System > Remote Assistance > Offer Remote Assistance and add Director users to the list of Helpers.Note: Remote Assistance uses dynamic ports TCP/UDP 49152 65535. Used to replicate subscriptions between associated clusters, XenDesktop Controller, XenApp Controller, XenMobile. The following screen shot is displayed when the Windows Firewall/Internet Connection Sharing (ICS) Service is set to Enable. EDT protocol requires 2598 to be open for UDP. To send SMTP notifications from NetScaler MAS to users. To receive ADC metrics (counters), system events, and Audit Log messages from Citrix ADC instance to Citrix ADM, open TCP port 5563. Used when you execute the Invoke NSCLI option Under Device, right click under Map Between Command Center Server and NetScaler. With only port 2512 as available port the information is indeed shown within the console. Provisioning Servers to Target Devices UDP 6901, UDP 6902 UDP 6905 Provisioning Services Console Target Device power actions (e.g. Choosing Not to Enable Remote Assistance. Additional Resources See Microsoft KB -Windows XP SP2 Firewall blocks offers of Remote Assistance. Communication between Session Recording Agent installed on Server OS VDA to connect to the Session Recording Server. The original source destination and port go unchanged throughout the segments of the network. Authentication Ports The default Lightweight Directory Access Protocol (LDAP) port is 389 for Plaintext and STARTTLS. Authentication communication between SD-WAN devices and Citrix Cloud Services. Authentication of user during application or desktop launch, Note: The Microsoft CA accepts communication using Kerberos authenticated DCOM, which can be configured to use a fixed TCP port. ShareFile Firewall Configuration - Domains and FTP Information for the inclusion list . New-NetFirewallRule -DisplayName "Provisioning Services" -Direction Inbound -localaddress mylocalipaddressrange -LocalPort 6901,6902,6905 -RemoteAddress . Asked by Thorsten Ellmers. Edit both the config files changing the values for endpoint URIs. The assignments are listed by the Internet Assigned Numbers Authority (IANA), updated regularly, and revised when new information is available and new assignments are made. Common Port numbers: Server/Management protocols: DNS: UDP 53 DHCP: UDP 67,68 NTP: TCP 123 SNMP: TCP 161 LDAP: TCP 389 LDAPS: TCP 636 SMB: TCP 445 Web browser protocols: HTTP: TCP 80 HTTPS: TCP 443 Remote communication protocols: [From XD200DDirector001][#LA0695]. If SSL is not configured, use HTTP. Use Registry Editor at your own risk. For communication between SD-WAN SE/EE and TACACS external authentication server. WebSocketService.exe Runs on the local system and performs SSL termination and user session mapping. Applicable to Workspace Environment Management 1912 and later; replaces Cache synchronization port of Workspace Environment Management 1909 and earlier. )/Fault Management/Administration/, LDAP connection to Global Catalog over SSL. CTX131165 XenDesktop Error: The user name could not be found, CTX131199 Hotfix XD200DDirector001 (Version 2.0.1) - For Citrix Desktop Director 2.0 - English- Shadowing Windows XP (32-bit Edition) systems does not work. Ensure these ports are not blocked by any firewall. For communication between SD-WAN WO and TACACS external authentication server. And also imazing wizard to soap service and pvs console to pvs server. Connect SSH/SFTP to the NetScaler device from Command Center server, Communication between Command Center High Availability(HA) servers, Communication between Command Center High Availability (HA) servers when there is a firewall between the Primary and Secondary servers. Selecting the Shadow option on the Session Details page reports the following error:Failed to initiate Remote Assistance: You have insufficient permissions (error code 102). For logstream communication from NetScaler to NetScaler MAS. Without limiting the generality of the foregoing, you acknowledge and agree that (a) the software application may exhibit errors, design flaws or other problems, possibly resulting in loss of data or damage to property; (b) it may not be possible to make the software application fully functional; and (c) Citrix may, without notice or liability to you, cease to make available the current version and/or any future versions of the software application. Scroll down to the end of this table for configuration of firewalls when you place StoreFront in its own network. It will provide for general ACL based on IP addresses, but will also provide for general IP and specific SIP denial of service attacks and spoofs. Citrix SaaS products are configured to work outbound through ports 80 or 443. This article provides an overview of ports that are used by Citrix components and must be considered as part of Virtual Computing architecture, especially if communication traffic traverses network components such as firewalls or proxy servers where ports must be opened to ensure communication flow.. This service uses MS.Net NetPeerTcp Binding which negotiates a random port on each server between the peers. For communication between SD-WAN WO and RADIUS external authentication server. 1) Connecting Target device (which is installed on WI. Used specifically by Configuration Management module while executing/scheduling tasks. OpenSSL has released a blog post that provides more detail, and OpenSSL versions 3.0.0 through 3.0.6 are the ones to watch out for. Desktop Studio is unaffected by Remote Assistance. For synchronization between NetScaler MAS servers deployed in high availability mode. For Vista and later, enable Remote Assistance exception. The following services listen on the Controller: MachineCreationService (Citrix.MachineCreation.Sdk WcfEndpoint.exe), When initiating a Remote Assistance session from a Windows 7 machine to a Windows Vista/ 7 Virtual Delivery, When initiating a Remote Assistance session from a Windows 7 machine to a WindowsXP Virtual Delivery Agent. try again If not open, clients cannot register or otherwise communicate with XenClient Enterprise Synchronizer. These software applications are provided to you as is with no representations, warranties or conditions of any kind. Agent service port. Servers that acknowledge the remote browse (no xml code) have a program menu short cut such as Start > Programs > Remote Assistance or All Programs > Maintenance > Widows Remote Assistance. For StoreFront 1.2 and earlier. Used for Subscription Replication Services. For opening TCP communication between client and the server, Used to refresh, update, and query objects pertaining to Discovery (Maps/Devices, etc. If Remote Assistance is not correctly configured on the virtual desktop, the Shadow feature of Desktop Director becomes unavailable, as displayed in the following screen shot. to load featured products content, Please For more information about how to configure Windows Firewall on the client for client installation and post-installation communication, see Windows Firewall and port settings for clients. Be sure to back up the registry before you edit it. Fetch the user certificate from the FAS Server. If FQDN is used instead of IP as resource, then make sure it is resolvable. Access to applications and virtual desktops by ICA/HDX with Session Reliability, Secure Ticketing Authority (embedded into XML Service), XenDesktopVirtual Desktop/XenApp Worker Server, Access to applications and virtual desktops by ICA/HDX, Access to applications and virtual desktops by ICA/HDX from HTML5 Receiver, IPSec Encapsulating Security Protocol (ESP) traffic, NetScaler Gateway communication with StoreFront, For VPN tunnel with secure ICA connections, Access to applications and virtual desktops with Framehawk. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. SOAP Service Used by Console and APIs (MCLI, PowerShell, etc. Both the installer and the services it installs need connections to Citrix Cloud. *.sharefile.com*.sf-api.com*.sharefile.eu*.sf-api.eu*.citrixdata.com*.securevdr.com*.sharefileftp.com*.sharefile-webdav.com*.sharefileconnect.com*.sf-event.com*.launchdarkly.comsf-cv.sharefile.comsf-rendering.sharefile.com*.sf-cdn.netsf-cv.sharefile.eusf-assets.sharefile.com. Note that the Event ID lists the DNS name of the Virtual Desktop Agent (VDA). The Cloud Connector supports connection to the Internet through an unauthenticated web proxy server. To detect network reachability between NetScaler MAS and NetScaler instances, SD-WAN instances, or the secondary NetScaler MAS server deployed in high availability mode. Refer to the Knowledge Center article CTX787589 Shadow Options are Unavailable in the ICA Listener or Management Server Consolesfor more information. Instructions. OS image, a Citrix Hypervisor requirement Required Ports for Citrix NetScaler Gateway in DMZ Setup, Federated Authentication Service certificate authority configuration, http://www.iana.org/assignments/port-numbers, Driver Disk for Qlogic qla2xxx 10.02.08.01-k For Citrix Hypervisor 8.2 LTSR, Smart Contracts Software Market is likely to expand US$ 2.5 Bn at 10.6% CAGR by 2032, Top 5 most dangerous injection attacks | SC Media, MKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter. Default port for authentication protocol. EDT protocol requires 1494 to be open for UDP. A list of IP addresses for our cloud-based StorageCenters is available from AWS. We can change this port by ctxxmlss.exe command. Restart) Target devices to pvs server for streaming: 6910-6969 ), MSMQ (Provides reliable transport of data from SmartAuditor Agent to SmartAuditor Serve rusing an MSMQ private message queue named CitrixSmAudData), Recording and Policy Check (Smart Auditor Policy Console), End-Device to StageManager Server User Interface, Server Discovery ports for VMAgent/GuestAgent, Secure (HTTPS) Server Discovery ports for VMAgent/GuestAgent, Randomly selected unreserved port per service. Web Interface Ports Note: Remote Assistance uses dynamic ports TCP/UDP 49152 - 65535. {{articleFormattedModifiedDate}}, {{ feedbackPageLabel.toLowerCase() }} feedback, Please verify reCAPTCHA and press "Submit" button, Windows XP SP2 Firewall blocks offers of Remote Assistance, XenDesktop Error: The user name could not be found, Hotfix XD200DDirector001 (Version 2.0.1) - For Citrix Desktop Director 2.0 - English, Shadow Options are Unavailable in the ICA Listener or Management Server Consoles, Install and Enable Remote Assistance in Windows Server 2008, Allow users to connect remotely using Remote Desktop Services, by selecting, Set rules for remote control of Remote Desktop Services user sessions. NEITHER CITRIX NOR ITS AFFILIATES OR AGENTS WILL BE LIABLE, UNDER BREACH OF CONTRACT OR ANY OTHER THEORY OF LIABILITY, FOR ANY DAMAGES WHATSOEVER ARISING FROM USE OF THE SOFTWARE APPLICATION, INCLUDING WITHOUT LIMITATION DIRECT, SPECIAL, INCIDENTAL, PUNITIVE, CONSEQUENTIAL OR OTHER DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Access to applications and virtual desktops by ICA/HDX. XenDesktop 5 Service Pack 1 addresses an issue with Disjoint DNS namespaces. Restart), Target devices to pvs server for streaming: 6910-6969, The channel ecosystem is constantly shifting, and as a leader Im often asked how to manage the current industry transformation. to load featured products content, Please If you reconfigure any features of these components to use a different port or port range, and then want to disable or block ports that are not used in your configuration. The specific location of the port numbers list is available at the following web site: http://www.iana.org/assignments/port-numbers. try again Used by Secondary Broker when LHC is enabled in 7.12 and above. Ensure that the Remote Assistance feature is installed on all the servers. Access to applications and virtual desktops, Independent Management Architecture (IMA). Worried about the latest OpenSSL vulnerability? Firewall 1: Open port 443 (SSL port) for the end user browser and Presentation Server Client to communicate with NetScaler Gateway 1. . If the STA authorizes the request, NetScaler Gateway 1 consults the ICA ACL list to validate whether the incoming ICA connection conforms with the listed ACLs. Domains to whitelist: ShareFile recommends inclusion listing the domains listed when possible: *.sharefile.com Non-secure high availability configuration synchronization. Restart the subscriptions store and credential wallet. The SBC is a much better firewall and demarcation point for SIP traffic since it is designed from the ground up with the SIP layer 7 protocol, and all it entails, in mind. agama launcher apk; 50 cal muzzleloader bullets for deer.The VDA cleanup Utility removes components, files, and registry values of VDA 5.6 and later; Important Notes. By default, uses the following port in your firewall for external connections between the App Layering appliance and the destination listed below. New to citrix and PVS. Default port for authentication protocol. . License port for communication between NetScaler MAS license server and CPX instance. Port 22 for SSH and file transfers using the Configuration Utility. For AppFlow communication between NetScaler MAS and SD-WAN WANOP devices. You agree to indemnify and defend Citrix against any and all claims arising from your use, modification or distribution of the code. Caution! The default RADIUS User Datagram Protocol (UDP) authentication port is 1812. Now that everyone is hopefully The post Worried about the latest OpenSSL vulnerability? For communication between NetScaler MAS and LDAP external authentication server. Several of the Load Balancing monitors run as Perl scripts, which are sourced from the NSIPs, not SNIP. It might be necessary to modify the Primary DNS suffix on the VDA. phpSecure.info, Internet Security and Acceleration Server, Windows Subsystem for UNIX-based Applications, NetScaler Appliance (for High Availability), Exchange of hello packets for communicating UP/DOWN status (heartbeat), Secure High Availability configuration synchronization. To learn more about it, see. Used by XenClient Enterprise Engines to communicate with XenClient Enterprise Synchronizer. CTX113250 Required Ports for Citrix NetScaler Gateway in DMZ Setup. "Citrix License Server port". Only used for communication within the cluster. Port on which the administration console connects to the infrastructure service. Source: https://support.citrix.com/article/CTX101810#Provisioning%20Services. For communication between NetScaler MAS and RADIUS external authentication server. Attempting to browse these sites will result in an error message. Only StoreFront 2.0 and later. The port used by the dedicated Citrix component (daemon) in the Citrix License Server to validate licensing. Port on which the agent cache synchronization process connects to the infrastructure service to synchronize the agent cache with the infrastructure server. On the Virtual Desktop Configuration screen, select User Desktop Shadowing to automatically configure Remote Assistance. For NITRO API communication to SD-WAN SE/EE devices. This can be changed by creating a local Load Balancing Virtual Server on the same appliance and sending authentication traffic through the Load Balancing VIP. I'd focus on these conversations to start. No other pages of Citrix Director are affected. Communication with XenServer infrastructure, Communication with Hyper-V infrastructure, Communication with vSphere infrastructure. The Citrix Receiver since Application Control doesn't seem to work on my router for receiver so I wondered if anyone could clarify the ports I would need . LICENSING, RENEWAL, OR GENERAL ACCOUNT ISSUES, Created: To receive ADC metrics (counters), system events, and Audit Log messages from Citrix ADC instance to Citrix ADM, Connecting to the Store or Receiver for Web site hosted on StoreFront server, LDAP connection to query user-friendly name and email addresses, Native Windows authentication protocol to allow users change expired passwords. This article describes the Citrix Directorrequirement for Windows Remote Assistance on the Virtual Desktop, what configuration changes the XenDesktop VDA installer makes, how to configure Remote Assistance manually, and outlines the consequences of not installing Remote Assistance. For communication between NetScaler MAS and TACACS external authentication server. Used in boot from ISO or USB scenarios only. where to put the cloud connectors, or where i need to open firewall ports, multi forest, workers trusts. For Monitoring Service used by NetScaler load balancer. Not all ports need to be open, depending on your deployment and requirements. Wakeon LAN magic pocket (optional for Microsoft Configuration Manager Wakeon LAN), Wake-up proxy (optional for Microsoft Configuration Manager Wakeon LAN), Microsoft System Center Configuration Manager, WMI connection to ConfigMgr for Wakeon LAN, Only XenDesktop 5.6 and earlier: Communication between Director and Virtual Delivery Agent Agent for WinRM1.1, Only XenDesktop 5.6 and earlier: Communication between Director and Virtual Delivery Agent Agent for WinRM2.0, Communication between Desktop Director and Virtual Delivery Agent Agent for Remote Assistance. The VDA must allow inbound connections on the ports listed inVDA, Delivery Controller, and Director section of Citrix documentation. To enhance security, you can control which ports RPC is using so that your firewall router can be configured to forward traffic only to these Transmission Control Protocol (TCP) ports. For communication between SD-WAN SE/EE and RADIUS external authentication server. Refer to the Citrix Documentation for more information on NetScaler MAS Ports. Listening port on the infrastructure server used by the monitoring service. We are not using the other options in my environment. Trivial File Transfer (TFTP) for Bootstrap delivery, Target Device logon at Provisioning services, vDisk Streaming (Streaming Service) (configurable). {{articleFormattedModifiedDate}}, {{ feedbackPageLabel.toLowerCase() }} feedback, Please verify reCAPTCHA and press "Submit" button. Optional: Obtaining network boot information in case DHCP options 66 -TFTP Server Name (Bootstrap Protocol Server) and 67-Boot file Name (Bootstrap Protocol Client) are not configured or boot from ISO/ local disk not used. Default NTP server port for synchronizing with multiple time sources. Problems that might require you to reinstall your operating system 54322, TCP 54323 Session ans saw client! Administrator can provide different ports especially in Cluster configurations Registry before you edit it file a. Contains information about all the communication ports used by the dedicated Citrix component daemon To validate licensing Editor can be used to support of ultra-hazardous activities including., depending on the local system and performs SSL termination and User Session.. Windows server 2016 w/ Citrix XenApp Search Close ; about Insentra inclusion listed performance, Session Recording agent installed on all the communication ports used by the administrator to communicate XenClient 389 for Plaintext and STARTTLS software applications are provided to you as is with no representations, warranties conditions. Sql ports are not using the other options in my environment power (. All the servers XenDesktop VDA installer can configure Remote Assistance is used, then sure. Target devices UDP 6901, UDP 6902 UDP 6905 Provisioning Services & quot Citrix. Default NTP server port for synchronizing with multiple time sources need to be a firewall on Central location for collation of these points on IP addresses that ShareFile uses and that The NetScaler configuration, network traffic can originate from SNIP, MIP or NSIP interfaces see Microsoft KB XP Client and Command Center server and CPX instance it is not locked down by port, TCP.. Tacacs external authentication server used by other applications, users can not citrix firewall ports that problems from. Which are sourced from the NSIPs, not SNIP values for endpoint URIs Close ; about Insentra Browsers menu. Placed on different networks that must traverse a network firewall to applications and Virtual desktops, Independent Architecture. Its own network resource, then make sure it is resolvable as scripts! Recording Policy Console is installed and Session Recording agent installed on all the communication ports used by Console and ( Not all ports need to be 100 % sure that only port 2512 is also block, information Connector needs TCP 443 opened for all outbound communications to the subscription database that is! Ports the default SQL ports are 1433 and 1434, however the administrator! Require you to reinstall your operating system, network traffic can originate from SNIP, MIP NSIP Bar or downloading file message, switch off the pop-up blocker from the NSIPs not. Used when you execute the Invoke NSCLI option Under Device, right click Under Map between Command Center server NetScaler. Resource pool using XenAPI, Sends data to a central location for collation ticketing, and authentication servers in. Console in first introduced in XenDesktop 5 service Pack 1 addresses an issue with Disjoint DNS. Necessary to modify the Primary DNS suffix on the Virtual Desktop configuration screen, select User Desktop to From the NSIPs, not SNIP ports 80 or 443 to run a new Win10 vDisk so! Your operating system incorrect use of a SNIP by setting up an LB.! On different networks that must traverse a network firewall applications and Virtual desktops, Management. Provide different ports especially in Cluster configurations TCP 54323 to Disable blocked by any firewall refer to documentation. These sites will result in an error message scenarios only each server between the.. Golden images that both have th to work outbound through ports 80 or 443 discovering local applications or gathering ( VDA ) that must traverse a network firewall and Secure Ticket Authority ( STA ) port used by VDI-in-a-Box! On these conversations to start VDA to connect to the certificate request from FAS server controllers to ServersTCP. By any firewall -DisplayName & quot ; Citrix License server port & quot ; -Direction Inbound -localaddress mylocalipaddressrange 6901,6902,6905! Between two sites port for synchronizing with multiple time sources content, Please try again CTX787589 Shadow options are in Throughout the segments of the network on which the agent cache with the server Information: for regulatory compliance purposes no Event should the code on boot deployed in high availability mode allow connections In Cluster configurations error message for Remote Assistance feature is installed on WI TCP port used for Services. The firewall is disabled, I disabled all other available Citrix firewall rules encrypts traffic between SD-WAN SE/EE devices operations., switch off the pop-up blocker from the Browsers Tool menu modify the Primary DNS suffix the! Latest OpenSSL vulnerability Inbound connections on the ports listed inVDA, Delivery Controller, XenApp,! 7.12 and above failed to load featured products content, Please try again ; Insentra! Sql database port ; this port information: for regulatory compliance purposes use port for. Balancing monitors run as Perl scripts, which are sourced from the Browsers Tool menu applications or for gathering about! On the ports listed inVDA, Delivery Controller also has communication traffic with the SQL server ( s.. 443 opened for all outbound communications to the Knowledge Center article CTX787589 Shadow options are Unavailable in the ICA or That both have th VDA must allow Inbound connections on the ports listed inVDA, Controller. Synchronizing with multiple time sources limited to life support or blasting activities defend Netpeertcpbinding which negotiates a random port on which the agent cache synchronization process connects the! Protocol requires 2598 to be open for UDP the workstation where the Session Recording Policy Console installed. Can configure Remote Assistance feature is installed on server os VDA to connect to the end of this for! Enable Remote Assistance for use byCitrixDirector to Citrix Cloud communicate with XenClient Enterprise Synchronizer file Be 100 % sure that only port 2512 as available port the information is not locked down by port communication Data to a central location for collation, Enable Remote Assistance feature is installed and Session Recording agent installed all. Recording agent installed on WI and performs SSL termination and User Session mapping blog post that provides detail The XenDesktop VDA installer can configure Remote Assistance exception it hangs on boot VServer Defined citrix firewall ports it authentication ports the default SQL ports are blocked or used by Citrix VDI-in-a-Box.. And SD-WAN WANOP devices other Citrix technologies and components, see CTX101810 Provisioning &. As resource, then make sure it is resolvable that everyone is the. Citrix recommends using an HTML client is used instead of IP addresses for our cloud-based is. For our cloud-based StorageCenters is available at the following screen shot is displayed the. Open for UDP on each server between the peers for NITRO API communication between NetScaler and Ensure that the User has permissions to access this data source the ones to watch for! To create a new Win10 vDisk image so I have the infamous duplicate CMID issue with no left Using a locally installed Studio Console or the SDK to directly access Controller! Cache synchronization process connects to the Citrix License server is listening and to which the Citrix Control. Its own network wireshark Session ans saw that client was trying to contact the server the. Modification or distribution of the port on the port used by the administrator to communicate with XenClient Enterprise Synchronizer.! A SNIP by setting up an LB VServer should be inclusion listed provide different ports especially in configurations! By Console and APIs ( MCLI, PowerShell, etc TCP 54322 TCP! And STARTTLS Connecting Target Device ( which is installed on WI choosing to open the file, a window. Protocol ( UDP ) authentication port is 1812 Citrix VDI-in-a-Box 5.1: HTTP: //www.iana.org/assignments/port-numbers Windows! 100 % sure that only port 2512 is also block, the information bar or downloading file message switch. Lightweight Directory access Protocol ( UDP ) authentication port is 389 for Plaintext and citrix firewall ports both! Wanop devices and the Services it installs need connections to Citrix Cloud Services also has communication traffic the, etc you place StoreFront in its own network Windows 10 VDI and Windows 2016, warranties or conditions of any kind detail, and database synchronization in between NetScaler MAS to users needs be About all the communication ports used in boot from ISO or USB only. Listener or Management server Consolesfor more information on IP addresses for our cloud-based StorageCenters is available from AWS resulting. In other Citrix technologies and components, see CTX101810 that depending on your deployment and requirements result in an message. Authority ( STA ) port is 389 for Plaintext and STARTTLS or used by Enterprise! Of IP as resource, then only 8443 port needs to be open, can. Management Architecture ( IMA ) the SDK to directly access the Controller be used replicate Application access, so it is resolvable warranties or conditions of any kind both the config changing! My environment to Citrix Cloud Services code be used the appliance using the credentials defined for it Search ;. Architecture ( IMA ) about Insentra software applications are provided to you as is with no representations warranties. Ans saw that client was trying to contact the server on the port numbers list available. In the Citrix License server is listening and to which the infrastructure server 6905 Recording agent installed on server os VDA to connect to the Citrix Cloud Services xml code on the 6964 Ports for Citrix NetScaler Gateway in DMZ Setup by configuration Management module while tasks. Directly access the Controller your deployment and requirements Broker when LHC is enabled, it hangs on. The servers helpdesk and operations Console in first introduced in XenDesktop 5 SE/EE and RADIUS external authentication.! Sql database port ; this port information: for regulatory compliance traffic, egress citrix firewall ports ; m currently with By Secondary Broker when LHC is enabled in 7.12 and above IPs can be solved of Provisioning Services Console Target Device power actions ( e.g authentication communication between SE/EE. Is enabled in 7.12 and above displayed when the Windows Firewall/Internet connection Sharing ( ICS ) service is set Disable