Windows Firewall scope is not working

Question

I have to block all connections except some IP for RDP so I create a windows firewall rule.

I create a rule that allows connections to the port 3389 only for 192.168.2.50

All profiles have the settings to reject all connections not specified by a rule .

I think it is all correct i apply. When I try to connect (RDP is activated in the computer where rule is being applied) connection is refused.

If I change the rule and allow all IP to connect via RDP.

I have no problem connecting, but all IP can connect via RDP.

I don't now why this is happening

(This problem is not only happening with RDP, also happens with ICMPv4,VNC...)

Answer 1

Hi,

Thanks for posting in Q&A platform.

May I know if your goal is block all IP to connection port 3389 except for the specific IP 192.168.2.50? If yes, create a new rule in Inbound Rules might not achieve your goal.

I have test in my lab environment and attaching the result for your reference:

I created a new rule in Inbound rules as the information you provided, I found the specific IP can RDP to the target machine, but the other IP can also RDP to the target machine.

If you just need the specific IP can RDP to the target machine via port 3389, I would suggest you could specify the specific remote IP in the following rules of Inbound rules in Windows Firewall:

Remote Desktop - user Mode (TCP-In)

Remote Desktop -User Mode (UDP-In)

Best Regards,
Sunny

----------

If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.