How to restrict Remote Desktop Protocol (RDP) for one IP address
Remote Desktop Protocol (RDP) is a powerful tool that allows users to connect to computers remotely. While it offers significant convenience and flexibility, it can also pose security risks if not properly managed. One way to enhance security is to restrict RDP access to a specific IP address. This blog will guide you through the process of restricting RDP for one IP address, providing detailed steps and tips to ensure your remote access is secure.
Why Restrict RDP Access?
Enhanced Security
Limiting RDP access to a specific IP address reduces the risk of unauthorized access and cyberattacks. It ensures that only users from a designated IP address can connect, adding an extra layer of security to your system.
Controlled Access
By restricting RDP access, you maintain better control over who can access your network remotely. This is especially important for businesses that need to safeguard sensitive information.
Steps to Restrict RDP Access for One IP Address
1. Configuring Windows Firewall
The most straightforward method to restrict RDP access is through Windows Firewall. Here’s how to do it:
1: Open Windows Firewall
- Press Windows + R to open the Run dialog box.
- Type wf.msc and press Enter to open the Windows Firewall with Advanced Security console.
2: Create a New Rule
- In the left pane, click on Inbound Rules.
- In the right pane, click New Rule.
- Select Custom and click Next.
3: Configure Rule Settings
- In the Program section, select All programs and click Next.
- In the Protocol and Ports section, select TCP, specify port 3389 (the default RDP port) as the local port, and click Next.
- In the Scope section, specify the remote IP address that you want to allow. Under Which remote IP addresses does this rule apply to?, select These IP addresses and click Add.
- Enter the IP address you want to allow and click OK. Click Next.
4: Allow the Connection
- In the Action section, select Allow the connection and click Next.
- In the Profile section, select the profiles (Domain, Private, Public) to which this rule applies and click Next.
- In the Name section, give your rule a name (e.g., Allow RDP for Specific IP) and click Finish.
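This rule allows RDP connections from the specified IP address. Windows Firewall allow rules are cumulative, so RDP is limited to that address only when no other enabled inbound rule (such as the built-in Remote Desktop rules) allows port 3389 from other sources; disable those rules or give them the same scope.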
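The same rule can be created and checked from an elevated PowerShell session. The script below is an added example, not part of the original post: it creates the scoped rule, audits every enabled inbound allow rule that names port 3389, and scopes the built-in Remote Desktop group to the same address. The address 203.0.113.10 is a placeholder and Get-RdpInboundRuleScope is a hypothetical helper name.

```powershell
# Added example. $AllowedIp is a constructed placeholder (documentation range).
$AllowedIp = '203.0.113.10'
$RuleName  = 'Allow RDP for Specific IP'

# Create the scoped allow rule once (same settings as the wizard steps above).
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Action Allow `
        -Protocol TCP -LocalPort 3389 -RemoteAddress $AllowedIp -Profile Any | Out-Null
}

# Hypothetical helper: report the remote-address scope of every enabled inbound
# allow rule that names port 3389. Rules that cover 3389 only through a port
# range or "Any" are not matched by this literal comparison.
function Get-RdpInboundRuleScope {
    param([string]$Allowed)
    foreach ($rule in (Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True)) {
        $port = $rule | Get-NetFirewallPortFilter
        if (@($port.LocalPort) -notcontains '3389') { continue }
        $remote = @(($rule | Get-NetFirewallAddressFilter).RemoteAddress)
        [pscustomobject]@{
            Rule            = $rule.DisplayName
            Protocol        = $port.Protocol
            RemoteAddress   = $remote -join ', '
            # True only when every listed remote address equals $Allowed (string match).
            ScopedToAllowed = -not ($remote | Where-Object { $_ -ne $Allowed })
        }
    }
}

# Before: the built-in "Remote Desktop" rules typically show RemoteAddress = Any.
Get-RdpInboundRuleScope -Allowed $AllowedIp | Format-Table -AutoSize

# Scope the built-in group to the same address. The group name is localized;
# "Remote Desktop" is the English display group.
Set-NetFirewallRule -DisplayGroup 'Remote Desktop' -RemoteAddress $AllowedIp

# After: warn if any rule on 3389 still admits another source.
$open = Get-RdpInboundRuleScope -Allowed $AllowedIp | Where-Object { -not $_.ScopedToAllowed }
if ($open) { Write-Warning "RDP still reachable via: $($open.Rule -join '; ')" }
```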
2. Configuring RDP Settings on the Router
In addition to configuring Windows Firewall, you may need to set up rules on your router to ensure that only a specific IP address can access your network via RDP.
1: Access Router Settings
- Open a web browser and enter your router’s IP address (commonly 192.168.1.1 or 192.168.0.1).
- Log in with your router’s credentials.
2: Configure Port Forwarding
- Locate the Port Forwarding section in your router’s settings.
- Create a new port forwarding rule for RDP (port 3389).
- Specify the IP address of the computer that you want to allow access to.
- Save the settings.
3: Set Up Access Control
- Find the Access Control or Firewall section in your router’s settings.
- Create a new rule to allow traffic only from the specified IP address.
- Save the settings.
3. Using Group Policy to Restrict RDP
For Windows Server environments, Group Policy can be used to restrict RDP access.
1: Open Group Policy Management
- Press Windows + R to open the Run dialog box.
- Type gpmc.msc and press Enter to open Group Policy Management.
2: Make a New Group Policy Object
- Right-click on the domain or organizational unit where you want to apply the policy and select Create a GPO in this domain, and Link it here.
- Give your new GPO a name (e.g., Restrict RDP Access) and click OK.
3: Edit the Group Policy Object
- Right-click on your new GPO and select Edit.
- Navigate to Computer Configuration > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Inbound Rules.
- Right-click and select New Rule.
4: Configure Rule Settings
Follow the same steps as described in the Windows Firewall section to allow RDP connections only from the specified IP address.
4. Testing and Verification
After setting up the restrictions, it’s crucial to test the configuration to ensure it works as expected.
Step 1: Test from Allowed IP Address
- Try connecting via RDP from the allowed IP address.
- Verify that the connection is successful.
Step 2: Test from Other IP Addresses
- Try connecting via RDP from different IP addresses.
- Verify that the connection is denied.
5. Monitoring and Maintenance
Regularly monitor the logs and firewall settings to ensure that the rules are enforced and there are no unauthorized access attempts.
Step 1: Check Windows Firewall Logs
- Open Event Viewer by pressing Windows + R, typing eventvwr.msc, and pressing Enter.
- Navigate to Applications and Services Logs > Microsoft > Windows > Windows Firewall with Advanced Security.
Step 2: Review Router Logs
- Access your router’s settings.
- Locate the log section and review the logs for any unauthorized access attempts.
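The Windows Firewall log from Step 1 can also be queried from PowerShell to spot changes to the RDP rules. This is an added example, not part of the original post; Get-RdpFirewallRuleChange is a hypothetical helper, and the EventData field names it reads (RuleName, LocalPorts, RemoteAddresses, ModifyingUser) are assumptions to confirm against one event's XML view on your system.

```powershell
# Added example. Channel behind the Event Viewer path given in Step 1.
$Channel = 'Microsoft-Windows-Windows Firewall With Advanced Security/Firewall'

# Hypothetical helper: return rule-change records from the last $Days days
# whose rule name or local port points at RDP.
function Get-RdpFirewallRuleChange {
    param([int]$Days = 7)
    $filter = @{ LogName = $Channel; StartTime = (Get-Date).AddDays(-$Days) }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue | ForEach-Object {
        # Flatten <EventData><Data Name="...">value</Data> into a hashtable.
        $data = @{}
        foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) {
            if ($d.Name) { $data[$d.Name] = $d.'#text' }
        }
        # Field names below are assumptions; check them in the XML view of
        # one event before relying on this filter.
        $isRdp = ($data['LocalPorts'] -match '(^|,)3389(,|$)') -or
                 ($data['RuleName'] -match 'Remote Desktop|RDP')
        if ($isRdp) {
            [pscustomobject]@{
                Time    = $_.TimeCreated
                EventId = $_.Id
                Rule    = $data['RuleName']
                Remote  = $data['RemoteAddresses']
                User    = $data['ModifyingUser']
            }
        }
    }
}

# Review a week of changes; an RDP rule whose Remote column is no longer the
# allowed address means the restriction has been widened.
Get-RdpFirewallRuleChange -Days 7 | Sort-Object Time | Format-Table -AutoSize
```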
Conclusion
Restricting RDP access to a specific IP address is a crucial step in securing remote access to your systems. By configuring Windows Firewall, setting up router rules, using Group Policy, and regularly monitoring access logs, you can significantly reduce the risk of unauthorized access and enhance the overall security of your network. Follow these steps carefully to ensure that only trusted IP addresses can connect via RDP, keeping your data and systems safe.



