<div>
You shouldn't allow RDP through your firewall to begin with - all the more so if you can VPN in to your network. &nbsp;Locking down your firewall will fix your problem, because all connection attempts will be coming from a trusted network.
</div>


icecom4

<div>
Use a dynamic dns service for your VPN. That way the ip changing isn't an issue, and as Paul stated, you want to VPN into your network and then access RDP if needed.
</div>


<div>
RDPguard works fine, I guess you might not have configured it correctly
</div>


<div>
@Shaun,<br />
<br />
There is not much to the config according to the developer, I enabled login auditing, thats about it. &nbsp;<br />
<br />
However, maybe it is working and I just can't test it. &nbsp;So All I am doing is just logging in RDP and deliberately putting the wrong password. &nbsp;I will do this about 10 times, which takes about 1-15 seconds naturally. &nbsp;However, maybe RDPguard knows that I am not a hack tool. &nbsp;I do see that it only makes one failed login regardless of how many times I try, however in the Windows audit logs I see all of them. &nbsp;<br />
<br />
Thoughts?
</div>


<div>
Do you have Windows Firewall enabled?
</div>


<div>
Yes, I do have windows firewall enabled.
</div>


<div>
Changing the port will not prevent these attacks. It is trivial to scan and find open RDP ports
</div>


<div>
@Shaun Agreed. My suggestion wasn't a supplement for RDP Guard just another measure to slow down/deter/hinder these attacks in combination with RDP Guard.
</div>


<div>
I contacted the dev but they could not really answer my question. &nbsp;Perhaps it is working but I am not able to trigger the RDP locks because I am testing it manually? &nbsp;Maybe that is not a fast enough way to trigger the black list.
</div>


<div>
<div class="content wysiwyg-content">
I am looking for a simple RDP monitor/security tool for a windows server environment. &nbsp;I connect remotely from various addresses. &nbsp;I have a remote VPN but the IP changes also., otherwise I would lock RDP down to one IP. &nbsp;I tried RDPguard and tested it, does not seem to block ban my many failed login attempts. &nbsp;Any free tools out there? &nbsp;<br />
<br />
Is there a way to do this in Windows?<br />
<br />
Environment: <br />
Server 2012 R2 64bit
</div>
</div>


I am looking for a simple RDP monitor/security tool for a windows server environment.  I connect remotely from various addresses.  I have a remote VPN but the IP changes also., otherwise I would lock RDP down to one IP.  I tried RDPguard and tested it, does not seem to block ban my many failed login attempts.  Any free tools out there?  

Is there a way to do this in Windows?

Environment: 
Server 2012 R2 64bit

Block failed RDP attempts

Remote access may refer to the connection to a data-processing system from a remote location, for example through a virtual private network remote desktop software, terminal emulation, or the activation of features of a business telephone system from outside the business's premises.