Link to home
Start Free TrialLog in
Avatar of phermi
phermi

asked on

Restrict Terminal Services to particular IPs in SBS 2003

Hi all,

Yes, I know ... we do this through the Firewall ... but my firewall is not running because another program is running that might be using the NAT component (Ipnat.sys).

I read a bit, and tis happens if ISA is used, not our case, or if RAS is used. We use remove connections to allow VPN Users into the server using a range of IPs.

Is there a way to have it all, RAS and Windows firewall running so that I can limit TS to few IPs?

Thanks in advanced.
Avatar of The_Dark1
The_Dark1

Avatar of phermi

ASKER

The_Dark1: Thanks, but not really.

What we have here is brutal-force attacks from folks in Europe trying o guess the Administrator password while programmatically attempting to connect using RDC.

The system is slowed down to the point of crawling and the logs are full of account locking issues.

All I wanted was to be able to set rules in the firewall so only certain IPs will be accepted for RDC connection.

Plan B will be to change the RDP listening port
ASKER CERTIFIED SOLUTION
Avatar of The_Dark1
The_Dark1

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of bbao
bbao
Flag of Australia image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of phermi

ASKER

The_Dark1: this is hosted server and ys there is a firewall (Cisco PIX 515R ) in front of it, but it is  not VPN capable.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of phermi

ASKER

I apologize for the huge delay ....

I do not have access to change anyhting in the PIX and honestly, I was hopping for an easy way to say "do not accept TS request excpt from XX.yy.zz.ww.

I appreciate your efforts and I will assign points to both of you, not because I can fix my problem based on your suggestions, but for the fact that you did care about it,