SCCM Remote Agent connections cause unexpected User Notification pop-up and Program Exception Rule creation in the Windows Vista Firewall
When establishing a remote agent connection using the System Center Configuration Manager Remote Control function, connectivity to the RcAgent.exe client process depends on TCP communications over TCP ports 2701 thru 2704. To allow communication through the Windows Firewall it is common for administrators to create a set of Port Rules to allow TCP connections over these ports.
Unexpected behavior has been reported in the Windows Vista firewall associated with the use of TCP Port rules to allow SCCM Remote Control Traffic. When you create TCP port rule and specify a Remote IP Range on the Scope tab of the rule properties, the end user will be prompted to allow or deny the connection. If the user selects to allow the connection, an “Allow” Program Exception Rule will be automatically created for RCAgent.exe. If the user selects to deny the connection, a “Deny” Program Exception Rule will be created.
This behavior has been confirmed and occurs regardless of the format of the remote address space specified.
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB2022075.