baran 0 Posted April 12, 2021 Share Posted April 12, 2021 hi guys How to block an IP on port 3389؟ for exampel :192.168.1.10 can not remote desktop to 192.168.1.20 i have trust zone 192.168.1.0/24 in rule firewall and trun off allow remote desktop in the trusted zone Link to comment Share on other sites More sharing options...
Administrators Marcos 4,914 Posted April 12, 2021 Administrators Share Posted April 12, 2021 Create a blocking firewall rule with the remote port 3389 and the remote IP address 192.168.1.20 to block RDP to this address. You might need to put the rule above the default ones in case that RDP in the trusted zone is allowed. Link to comment Share on other sites More sharing options...
baran 0 Posted April 12, 2021 Author Share Posted April 12, 2021 In which part should I enter the desired IP? local or remote? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,914 Posted April 12, 2021 Administrators Share Posted April 12, 2021 For example, if you want to block RDP connections to 192.168.1.20 on the machine 192.168.1.10, apply a fw blocking firewall rule on the machine 192.168.1.10 that will have both the port 3389 and the IP address 192.168.1.20 listed on the Remote tab. Leave the Local settings untouched. Link to comment Share on other sites More sharing options...
baran 0 Posted April 12, 2021 Author Share Posted April 12, 2021 hi marcos Once I have written the rule, I can no longer open the site. When the firewall is turned off, the site will open. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,914 Posted April 12, 2021 Administrators Share Posted April 12, 2021 Please provide logs collected with ESET Log Collector so that I can review the rule(s). Link to comment Share on other sites More sharing options...
Recommended Posts