Solved

Restricting RDP with Windows Firewall....but it doesn't work?!

Posted on 2010-11-15
6
923 Views
Last Modified: 2012-05-10
peeps,

I'm trying to restrict RDP access so that only people on the WAN and LAN can access the terminal services box, along with the possibility of a few external IP addresses. We're on Windows 2008. In Windows Firewall, I've gone into 'Inbound Rule' and chosen RDP->Properties->Scope.

Within the scope, I've added the internal range which is 10.0.0.1-10.0.0.254.

Then I've added the external IP. Apply, OK.

If I try to log onto remote desktop using the local IP 10.0.0.15 (that's the IP), it won't connect me. If I enter the external IP, then it does.

Does anybody know why this happens? And how this can be fixed?

Thanks a lot
0
Comment
Question by:Yashy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 7

Expert Comment

by:tstritof
ID: 34137740
Hi,

what error are you getting? Can you ping 10.0.0.15?

Regards,
Tomislav
0
 
LVL 1

Author Comment

by:Yashy
ID: 34137816
No errors, it just won't connect and then times out with the error message. But I know that it's the firewall.

Yes, I can definitely ping the server.

As soon as I remove the IP address from the  'Remote IP' section within the Scope, I can log on locally.
0
 
LVL 7

Accepted Solution

by:
tstritof earned 500 total points
ID: 34138241
Oh I know what it is.

In Remote addresses you must specify all addresses from which clients will be connecting inluding your LAN scope. The Local IP address is the address TS listens on (IP address of TS NIC).
 Firewall scopes.
Hope this helps.

Regards,
Tomislav
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:Yashy
ID: 34138480
You Tom, deserve a fat medal. Thank you.
0
 
LVL 7

Expert Comment

by:tstritof
ID: 34138493
:) Glad to help.

Regards
0
 

Expert Comment

by:Widescope
ID: 34537755
Thanks very much, this helped me too.  It's been driving me up the wall for a couple of days now.

Cheers
Steve
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question