Firewall Rule to Restrict RDP Port Forward Not Working

AffordableIT
AffordableIT Posts: 1
edited April 2021 in Security
I have a USG110 that I set up for a client.  They have a software vendor who insists on using RDP for remote support.  I set up Port Forwarding to send RDP traffic (on a non-standard port) to the server.  In the firewall, I set up a rule to allow traffic from WAN1, with a source IP of the Vendor's public IP addresses to reach the server.  It is straightforward, and I understand that this rule should only allow the forwarded RDP traffic from those particular public IP addresses to reach the server, and block all others.  However, when I enable to NAT rule, RDP over that port from any PC on the internet is able to reach the server.  Is there something else I should be doing?  I have set something similar for another client with their remote VOIP phones, and it seems to work properly.  I don't know why it should be different here.  Any help is appreciated.

All Replies

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,177
    100 Answers 1000 Comments Friend Collector Fifth Anniversary
     Guru Member

    Hi @AffordableIT  

    You can make sure if your policy control rules allowed any traffic from internet.

    And also check if default rule action is deny.


  • PeterUK
    PeterUK Posts: 1,439
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
     Guru Member

    Maybe you have another rule in place for RDP that allows all?


  • Stanley,

    Thank you for the input.  It turns out that I needed an explicit DENY rule for RDP traffic (#2 on list) from any IP right under the rule allowing the forwarded RDP port from the specific IP addresses (#1 on list).  I could not determine which subsequent rule was allowing it from any IP location, but the DENY rule took care of it.


    Thanks again.
  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,177
    100 Answers 1000 Comments Friend Collector Fifth Anniversary
     Guru Member

    Hi @AffordableIT

    It's good to know your issue has resolved. 😎

Security Highlight