Solved

Restricting RDP with Windows Firewall....but it doesn't work?!

Posted on 2010-11-15
6
918 Views
Last Modified: 2012-05-10
peeps,

I'm trying to restrict RDP access so that only people on the WAN and LAN can access the terminal services box, along with the possibility of a few external IP addresses. We're on Windows 2008. In Windows Firewall, I've gone into 'Inbound Rule' and chosen RDP->Properties->Scope.

Within the scope, I've added the internal range which is 10.0.0.1-10.0.0.254.

Then I've added the external IP. Apply, OK.

If I try to log onto remote desktop using the local IP 10.0.0.15 (that's the IP), it won't connect me. If I enter the external IP, then it does.

Does anybody know why this happens? And how this can be fixed?

Thanks a lot
0
Comment
Question by:Yashy
  • 3
  • 2
6 Comments
 
LVL 7

Expert Comment

by:tstritof
ID: 34137740
Hi,

what error are you getting? Can you ping 10.0.0.15?

Regards,
Tomislav
0
 
LVL 1

Author Comment

by:Yashy
ID: 34137816
No errors, it just won't connect and then times out with the error message. But I know that it's the firewall.

Yes, I can definitely ping the server.

As soon as I remove the IP address from the  'Remote IP' section within the Scope, I can log on locally.
0
 
LVL 7

Accepted Solution

by:
tstritof earned 500 total points
ID: 34138241
Oh I know what it is.

In Remote addresses you must specify all addresses from which clients will be connecting inluding your LAN scope. The Local IP address is the address TS listens on (IP address of TS NIC).
 Firewall scopes.
Hope this helps.

Regards,
Tomislav
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 1

Author Comment

by:Yashy
ID: 34138480
You Tom, deserve a fat medal. Thank you.
0
 
LVL 7

Expert Comment

by:tstritof
ID: 34138493
:) Glad to help.

Regards
0
 

Expert Comment

by:Widescope
ID: 34537755
Thanks very much, this helped me too.  It's been driving me up the wall for a couple of days now.

Cheers
Steve
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question