kernol, posted July 13, 2016

Just installed Endpoint Security 6 on a Windows 10 desktop with the ESET firewall active. I can RDP locally from one workstation to another - but can no longer RDP from external. Windows firewall did allow RDP from external via the internet - and still does if I disable the ESET firewall completely.

Can someone please supply the rule to be added to permit RDP through the ESET firewall from the internet - and which setting to select: Automatic mode, Interactive mode, Policy-based mode or Learning mode?

NB - I need to RDP from a laptop, so I don't have a fixed public IP!

Many thanks

jimwillsher, posted July 14, 2016

Just allow port 3389/TCP from everywhere, that should do it.

Marcos (Administrators), posted July 14, 2016

RDP is allowed in the Trusted zone by default. From a security point of view, it'd be better to allow the above mentioned port just for a specific remote IP address or add it to the trusted zone.

kernol (Author), posted July 15, 2016

> RDP is allowed in the Trusted zone by default. From a security point of view, it'd be better to allow the above mentioned port just for a specific remote IP address or add it to the trusted zone.

Thanks Marcos

I use Cisco AnyConnect to VPN to my office and, having connected, use Remote Desktop to access my office PC from my home PC - or on the road from my laptop. Under Windows 10 Firewall this was not a problem - because I assume it sees my connection as being from within the trusted zone. With ESET Firewall this connection is blocked!

I too would prefer not to open port 3389/TCP from everywhere - but the home PC and the laptop on the move have dynamic IP addresses, so confining the port to a single IP won't work. Is there a more secure solution?

Many thanks

John

Marcos (Administrators), posted July 15, 2016

As long as the IP address is in the Trusted zone, you should be able to connect via RDP as it's allowed in the Trusted zone by default. You can also run the Firewall troubleshooting wizard to see a list of recently blocked communications and to allow the desired one(s).

kernol (Author), posted July 16, 2016 [Solution]

> As long as the IP address is in the Trusted zone, you should be able to connect via RDP as it's allowed in the Trusted zone by default. You can also run the Firewall troubleshooting wizard to see a list of recently blocked communications and to allow the desired one(s).

Many thanks for that tip Marcos - the wizard uncovered the IP address used by my Cisco VPN, so I was able to add the private IP range so that multiple workers could use RDP to gain access to their workstations. Far safer than simply opening the port for "any" access from anywhere. Remote users have to authenticate through the Cisco before they will be able to use Remote Desktop from outside our internal network.

It also uncovered a problem between an HP Multi-functional printer which provides e-Print services to remote users who print from mobile devices to the office printer [IDS was blocking them].

Problems solved - thanks

John

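The difference between the two approaches in this thread (port 3389 allowed from everywhere versus allowed only from the VPN range added to the Trusted zone), as an added example that is not part of any post and is not ESET's rule engine. It is a simplified first-match model; the VPN pool `10.99.0.0/24`, the rule names and the sample source addresses are all constructed.

```python
import ipaddress
from dataclasses import dataclass

# Constructed values: the thread never states the real VPN address pool.
VPN_POOL = ipaddress.ip_network("10.99.0.0/24")  # hypothetical AnyConnect pool
ANYWHERE = ipaddress.ip_network("0.0.0.0/0")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                      # "allow" or "deny"
    port: int
    remote: ipaddress.IPv4Network    # remote addresses the rule applies to

def decide(rules, src, port=3389):
    """First matching rule wins; unmatched inbound traffic is denied."""
    addr = ipaddress.ip_address(src)
    for rule in rules:
        if rule.port == port and addr in rule.remote:
            return rule.action
    return "deny"

def exposed_rules(rules, port=3389):
    """Names of allow rules whose remote scope reaches beyond private ranges."""
    return [r.name for r in rules
            if r.action == "allow" and r.port == port
            and not any(r.remote.subnet_of(net) for net in RFC1918)]

OPEN_PORT = [Rule("rdp-from-anywhere", "allow", 3389, ANYWHERE)]
VPN_ONLY = [Rule("rdp-from-vpn-pool", "allow", 3389, VPN_POOL)]

# Constructed inbound attempts: one VPN client, two Internet hosts
# (203.0.113.0/24 and 198.51.100.0/24 are documentation ranges).
ATTEMPTS = ["10.99.0.23", "203.0.113.50", "198.51.100.7"]

def compare():
    """Map each source address to (open-port verdict, VPN-only verdict)."""
    return {src: (decide(OPEN_PORT, src), decide(VPN_ONLY, src))
            for src in ATTEMPTS}

if __name__ == "__main__":
    for src, (open_v, vpn_v) in compare().items():
        print(f"{src:15} open-port={open_v:5} vpn-only={vpn_v}")
    print("exposed:", exposed_rules(OPEN_PORT) + exposed_rules(VPN_ONLY))
```

The same `exposed_rules` check can be pointed at an exported rule list to spot any RDP allow rule whose remote scope is wider than the VPN pool.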