# Unblock NoMachine on Windows 11 — run as Administrator # Adds firewall rules for port 4000 (TCP+UDP) and verifies NoMachine service Write-Host "=== Unblock NoMachine ===" -ForegroundColor Cyan # 1. Add firewall inbound rules for NoMachine (port 4000 TCP + UDP) $ruleName = "NoMachine Server (Port 4000)" $existing = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue if ($existing) { Write-Host "Firewall rule '$ruleName' already exists — enabling it" -ForegroundColor Yellow Enable-NetFirewallRule -DisplayName $ruleName } else { Write-Host "Creating firewall rule '$ruleName' for port 4000 TCP+UDP" -ForegroundColor Green New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP -LocalPort 4000 -Action Allow -Profile Any -Enabled True -Description "Allow NoMachine remote desktop connections" New-NetFirewallRule -DisplayName "$ruleName (UDP)" -Direction Inbound -Protocol UDP -LocalPort 4000 -Action Allow -Profile Any -Enabled True -Description "Allow NoMachine UDP discovery" } # 2. Check NoMachine service is running $svc = Get-Service -Name "nxsrv" -ErrorAction SilentlyContinue if (-not $svc) { $svc = Get-Service -Name "NoMachine Server" -ErrorAction SilentlyContinue if (-not $svc) { $svc = Get-Service | Where-Object { $_.DisplayName -like "*NoMachine*" -and $_.DisplayName -like "*Server*" } | Select-Object -First 1 } } if ($svc) { Write-Host "NoMachine service: $($svc.Name) — Status: $($svc.Status)" -ForegroundColor $(if ($svc.Status -eq 'Running') {'Green'} else {'Red'}) if ($svc.Status -ne 'Running') { Write-Host "Starting NoMachine service..." -ForegroundColor Yellow Start-Service -Name $svc.Name -ErrorAction SilentlyContinue $svc = Get-Service -Name $svc.Name Write-Host "After start: $($svc.Status)" -ForegroundColor $(if ($svc.Status -eq 'Running') {'Green'} else {'Red'}) } } else { Write-Host "WARNING: NoMachine server service not found!" -ForegroundColor Red } # 3. Verify port 4000 is listening Write-Host "" Write-Host "Checking port 4000..." -ForegroundColor Cyan $port4000 = Get-NetTCPConnection -LocalPort 4000 -ErrorAction SilentlyContinue if ($port4000) { Write-Host "Port 4000 is LISTENING on $($port4000.LocalAddress):$($port4000.LocalPort) — State: $($port4000.State)" -ForegroundColor Green } else { Write-Host "WARNING: Port 4000 NOT listening — NoMachine server may not be active" -ForegroundColor Red Write-Host "Try: restart NoMachine from the Start Menu or Services app" -ForegroundColor Yellow } # 4. Show this machine's IP for remote connection $ip = (Get-NetIPAddress -AddressFamily IPv4 | Where-Object { $_.InterfaceAlias -notlike '*Loopback*' -and $_.IPAddress -notlike '127.*' -and $_.IPAddress -match '192\.168' } | Select-Object -First 1).IPAddress if ($ip) { Write-Host "" Write-Host "Laptop IP on LAN: $ip" -ForegroundColor Green Write-Host "From workstation: connect NoMachine to $ip" -ForegroundColor Green } Write-Host "" Write-Host "=== Done ===" -ForegroundColor Cyan