Hey all,

I need to block RDP access (port 3389) inbound on all IP's except xxx, yyy and zzz. What is the best way to get this setup?

I have tried a couple of different ways but the Vigor groups and filters allways confuse the hell out of me!

Thanks in advance.

Chris

Hmm, thought I had done it but not sure now, more testing needed. If anyone does have 'their way' of setting it up it would still be appreciated.
Thanks

create your rules to allow tcp 3389 from wan>LAN & specify the IP, then create a rule to block all after it

Hi, thanks for the reply. I don't follow how you would do that, I can't see the options in the menu.

I am using a 2820...

My aim is to block the world from accessing my servers via RDP . I want to allow RDP access through the firewall to my server only when the request comes from one of a couple of IP addresses/ranges, IE the other office, home addresses etc.

Thanks

I've set up some clients in the past as follows

Setup router to port translate 33895 to 3389. This avoids using a 'known' port that can be scanned.

Setup a workstation or server (can be a VM) that is off the domain with a standard local account user login and long/complex account password.

Forward 33895 to 3389 to the IP address of the workstation. Once you login to that station, RDP to other devices on the network

First you open up the port in NAT --> Open Ports. Then you go to the firewall settings page, open rule set 2 and then create rules blocking the IPs you've listed.