Solved

Restricting RDP with Windows Firewall....but it doesn't work?!

Posted on 2010-11-15
6
913 Views
Last Modified: 2012-05-10
peeps,

I'm trying to restrict RDP access so that only people on the WAN and LAN can access the terminal services box, along with the possibility of a few external IP addresses. We're on Windows 2008. In Windows Firewall, I've gone into 'Inbound Rule' and chosen RDP->Properties->Scope.

Within the scope, I've added the internal range which is 10.0.0.1-10.0.0.254.

Then I've added the external IP. Apply, OK.

If I try to log onto remote desktop using the local IP 10.0.0.15 (that's the IP), it won't connect me. If I enter the external IP, then it does.

Does anybody know why this happens? And how this can be fixed?

Thanks a lot
0
Comment
Question by:Yashy
  • 3
  • 2
6 Comments
 
LVL 7

Expert Comment

by:tstritof
ID: 34137740
Hi,

what error are you getting? Can you ping 10.0.0.15?

Regards,
Tomislav
0
 
LVL 1

Author Comment

by:Yashy
ID: 34137816
No errors, it just won't connect and then times out with the error message. But I know that it's the firewall.

Yes, I can definitely ping the server.

As soon as I remove the IP address from the  'Remote IP' section within the Scope, I can log on locally.
0
 
LVL 7

Accepted Solution

by:
tstritof earned 500 total points
ID: 34138241
Oh I know what it is.

In Remote addresses you must specify all addresses from which clients will be connecting inluding your LAN scope. The Local IP address is the address TS listens on (IP address of TS NIC).
 Firewall scopes.
Hope this helps.

Regards,
Tomislav
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 1

Author Comment

by:Yashy
ID: 34138480
You Tom, deserve a fat medal. Thank you.
0
 
LVL 7

Expert Comment

by:tstritof
ID: 34138493
:) Glad to help.

Regards
0
 

Expert Comment

by:Widescope
ID: 34537755
Thanks very much, this helped me too.  It's been driving me up the wall for a couple of days now.

Cheers
Steve
0

Featured Post

Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

Join & Write a Comment

I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now