Restricting RDP with Windows Firewall....but it doesn't work?!

peeps,

I'm trying to restrict RDP access so that only people on the WAN and LAN can access the terminal services box, along with the possibility of a few external IP addresses. We're on Windows 2008. In Windows Firewall, I've gone into 'Inbound Rule' and chosen RDP->Properties->Scope.

Within the scope, I've added the internal range which is 10.0.0.1-10.0.0.254.

Then I've added the external IP. Apply, OK.

If I try to log onto remote desktop using the local IP 10.0.0.15 (that's the IP), it won't connect me. If I enter the external IP, then it does.

Does anybody know why this happens? And how this can be fixed?

Thanks a lot
LVL 1
YashyAsked:
Who is Participating?
 
tstritofCommented:
Oh I know what it is.

In Remote addresses you must specify all addresses from which clients will be connecting inluding your LAN scope. The Local IP address is the address TS listens on (IP address of TS NIC).
 Firewall scopes.
Hope this helps.

Regards,
Tomislav
0
 
tstritofCommented:
Hi,

what error are you getting? Can you ping 10.0.0.15?

Regards,
Tomislav
0
 
YashyAuthor Commented:
No errors, it just won't connect and then times out with the error message. But I know that it's the firewall.

Yes, I can definitely ping the server.

As soon as I remove the IP address from the  'Remote IP' section within the Scope, I can log on locally.
0
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

 
YashyAuthor Commented:
You Tom, deserve a fat medal. Thank you.
0
 
tstritofCommented:
:) Glad to help.

Regards
0
 
WidescopeCommented:
Thanks very much, this helped me too.  It's been driving me up the wall for a couple of days now.

Cheers
Steve
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.