baran 0 Posted April 12, 2021 Posted April 12, 2021 hi guys How to block an IP on port 3389؟ for exampel :192.168.1.10 can not remote desktop to 192.168.1.20 i have trust zone 192.168.1.0/24 in rule firewall and trun off allow remote desktop in the trusted zone
Administrators Marcos 5,468 Posted April 12, 2021 Administrators Posted April 12, 2021 Create a blocking firewall rule with the remote port 3389 and the remote IP address 192.168.1.20 to block RDP to this address. You might need to put the rule above the default ones in case that RDP in the trusted zone is allowed.
baran 0 Posted April 12, 2021 Author Posted April 12, 2021 In which part should I enter the desired IP? local or remote?
Administrators Marcos 5,468 Posted April 12, 2021 Administrators Posted April 12, 2021 For example, if you want to block RDP connections to 192.168.1.20 on the machine 192.168.1.10, apply a fw blocking firewall rule on the machine 192.168.1.10 that will have both the port 3389 and the IP address 192.168.1.20 listed on the Remote tab. Leave the Local settings untouched.
baran 0 Posted April 12, 2021 Author Posted April 12, 2021 hi marcos Once I have written the rule, I can no longer open the site. When the firewall is turned off, the site will open.
Administrators Marcos 5,468 Posted April 12, 2021 Administrators Posted April 12, 2021 Please provide logs collected with ESET Log Collector so that I can review the rule(s).
Recommended Posts