Solved

Restrict IP Access

Posted on 2011-10-13
Last Modified: 2012-05-12
I am using a Draytek 2930n Firewall and I only want RDP access granted to a single external IP address.
I have looked all over the place, including EE, and have not been able to solve my problem.

If I open the port everything works with no issue, but any external IP address can use RDP, so I went to the firewall settings and created a filter rule to allow TCP Port 3389 from source IP external (x.x.x.x) to the destination IP internal (x.x.x.x) and then I removed the port setting and now the RDP is not working with just the rule applied.

Can someone tell me what I am doing wrong?
0
Question by:Edeakin
7 Comments
 
LVL 1

Expert Comment

by:ggeisz
ID: 36965008
I am pretty sure the port needs to be open; that way the rule can be applied. With the port closed the rule cannot be applied to incoming traffic. I assume that you have opened the port with the rule you have created and tested?

Just a logical thought
0
 

Author Comment

by:Edeakin
ID: 36965226
Yes, with the port open and the rule applied it seems like the firewall does not fire the rule and any IP address can use RDP.
0
 
LVL 1

Accepted Solution

by:
ggeisz earned 1500 total points
ID: 36965295
Unfortunately Draytek does not offer any documentation on their website that I can see. Is the router up to date with the latest firmware? Do you have a VPN server running, as it would be much safer to establish a VPN connection and then RDP to the specified Windows machine.
0

 

Author Comment

by:Edeakin
ID: 36965347
I am on the latest firmware and I do not have a VPN server running. I have never been able to get the VPN running on this firewall either. I might need to look back into this.
0
 
LVL 1

Expert Comment

by:ggeisz
ID: 36965545
Yeah, it sounds kinda weird that it's not working. Possibly a firmware issue itself that needs to be addressed by the manufacturer. In the meantime, a LogMeIn client works great because then you do not need to open any ports. I was tired of looking at event logs and seeing failed logon attempts.
0
 

Author Comment

by:Edeakin
ID: 36979901
I created a VPN for the remote users to solve the issue.
0
 

Author Closing Comment

by:Edeakin
ID: 36979923
I was able to create a VPN connection to solve the issue.
0
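
Added example, not part of the original thread and not DrayTek's firmware logic: a generic model of a NAT router's inbound path that reproduces the two symptoms reported in the question (allow rule without the open port, and open port with only an allow rule). It assumes the port forward is the only path inward, that filter rules are first-match, and that unmatched packets pass by default; all names and addresses are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Forward:            # NAT "open port" entry: WAN port -> internal host
    port: int
    target: str

@dataclass(frozen=True)
class Rule:               # one filter rule; the list is evaluated first-match
    action: str           # "pass" or "block"
    source: str           # source network in CIDR form
    port: int

def inbound(src, port, forwards, rules, default="pass"):
    """Return the internal host a WAN packet reaches, or None if it is dropped."""
    # Step 1: a filter rule does not create a NAT mapping. With no forward
    # entry the packet has no internal destination, whatever the rules say.
    target = next((f.target for f in forwards if f.port == port), None)
    if target is None:
        return None
    # Step 2: the first matching rule decides; otherwise the default applies.
    for r in rules:
        if r.port == port and ip_address(src) in ip_network(r.source):
            return target if r.action == "pass" else None
    return target if default == "pass" else None

# Constructed values (RFC 5737 documentation ranges, hypothetical LAN host).
ADMIN, OTHER, HOST = "203.0.113.10", "198.51.100.7", "192.168.1.10"
FWD = [Forward(3389, HOST)]
ALLOW = Rule("pass", ADMIN + "/32", 3389)
BLOCK_REST = Rule("block", "0.0.0.0/0", 3389)

def scenarios():
    """Map each configuration to (admin reaches RDP, other IP reaches RDP)."""
    configs = {
        "forward only": (FWD, []),
        "allow rule only": ([], [ALLOW]),
        "forward + allow": (FWD, [ALLOW]),
        "forward + allow + block rest": (FWD, [ALLOW, BLOCK_REST]),
    }
    return {name: (inbound(ADMIN, 3389, f, r) is not None,
                   inbound(OTHER, 3389, f, r) is not None)
            for name, (f, r) in configs.items()}

if __name__ == "__main__":
    for name, (admin_ok, other_ok) in scenarios().items():
        print(f"{name:30} admin={admin_ok} other={other_ok}")
```

Under these assumptions only the last configuration limits RDP to the single source address, and placing the block rule ahead of the allow rule locks out that address as well.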


Question has a verified solution.
