• Status: Solved

How do I prevent mstsc from connecting to external ip addresses?

We have an issue of employees using their home machines to surf to blocked sites. Most of our employees use remote desktop for their daily work, so what we need to do is to allow remote desktop to work on our LAN but prevent it from connecting out to the internet. We could use the firewall to do so, but we have not set any outside rules on the firewall and unfortunately, you can't just set one, you have to do them all.
I would like to set the Windows Firewall to do this and apply it via GPO. Is this possible, and if so, how would I configure it?
Asked: fishsauce
1 Solution
 
njmatt Commented:
In Windows Firewall settings, click Add Port in the exceptions list.
Port #3389. Then click Change Scope. Set it to My Network Only.
Make sure users do not have admin rights to change this later on.
 
njmatt Commented:
Actually you will probably have to do this from the Windows Firewall with Advanced Security MMC. Create the new outbound rule. Then right-click after to get the properties... change the scope from the Scope tab.
 
fishsauce (Author) Commented:
I'd like to do it through the GPO. I have quite a few computers that I want to do this to without having to connect to each one.
 
njmatt Commented:
Sorry, missed your last line there. You can do it. You'll have to edit the Default Domain Policy from Group Policy Management.

Default Domain Policy > Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security

I think if you add the one rule to the domain GPO and then run Loopback processing with merge it may work. That way both sets of rules merge together. Check this out:
http://technet.microsoft.com/en-us/library/cc782810.aspx
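
An added example, not posted by anyone in this thread: because Windows Firewall applies block rules ahead of allow rules, the outbound rule has to be scoped to every address outside the LAN, so this script computes those ranges from the internal subnets and writes the block rule for TCP 3389 into a GPO. It assumes Windows 8 / Server 2012 or later (NetSecurity module) and rights to edit the GPO; the subnets, domain and GPO name are constructed placeholders.

```powershell
# Added example. Constructed sample values: replace with your own LAN ranges and GPO.
$InternalRanges = @('10.0.0.0/8', '192.168.0.0/16')
$PolicyStore    = 'corp.example.com\Block-Outbound-RDP'   # hypothetical domain\GPO name

function ConvertTo-Number ([string]$Ip) {
    $bytes = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    [Array]::Reverse($bytes)                  # network order -> little-endian
    [long][BitConverter]::ToUInt32($bytes, 0)
}

function ConvertTo-IPv4 ([long]$Number) {
    $bytes = [BitConverter]::GetBytes([uint32]$Number)
    [Array]::Reverse($bytes)
    $bytes -join '.'
}

# Return every IPv4 range NOT covered by the given CIDR blocks.
function Get-ExternalRange ([string[]]$Cidr) {
    $spans = foreach ($c in $Cidr) {
        $address, $prefix = $c -split '/'
        $size  = [long][math]::Pow(2, 32 - [int]$prefix)
        $start = ConvertTo-Number $address
        $start -= $start % $size              # align to the network boundary
        [pscustomobject]@{ Start = $start; End = $start + $size - 1 }
    }
    $next   = [long]0
    $ranges = New-Object 'System.Collections.Generic.List[string]'
    foreach ($s in ($spans | Sort-Object Start)) {
        if ($s.Start -gt $next) {             # gap before this block is external
            $ranges.Add(('{0}-{1}' -f (ConvertTo-IPv4 $next), (ConvertTo-IPv4 ($s.Start - 1))))
        }
        if ($s.End + 1 -gt $next) { $next = $s.End + 1 }   # also handles overlapping blocks
    }
    if ($next -le 4294967295) {               # tail after the last internal block
        $ranges.Add(('{0}-255.255.255.255' -f (ConvertTo-IPv4 $next)))
    }
    $ranges.ToArray()
}

$external = Get-ExternalRange $InternalRanges

# Write the block rule into the GPO; clients pick it up at the next policy refresh.
New-NetFirewallRule -PolicyStore $PolicyStore `
    -DisplayName 'Block outbound RDP to non-LAN IPv4 addresses' `
    -Direction Outbound -Action Block -Protocol TCP -RemotePort 3389 `
    -RemoteAddress $external
```

The rule matches on port 3389 over IPv4 only, so RDP hosts listening on another port or reached over IPv6 are not covered by it.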
