I've been trying to secure RDP to a new Windows 2008R2 server (using Windows Firewall) by only allowing RDP traffic from one IP address.
Under the "Computers" tab, it seems I can only allow user or computer authentications when the server is set to only allow secure connections.
So, I go to the "General" tab and under "Action" I set to "allow the connection if it is secure". That's when I get shut out, cannot reconnect over RDP and have to rebuild (this is a Rackspace cloud server so easily done).
Where am I going wrong? I haven't done anything to my local workstation (which I'm assuming I have to) as I can't find anything in the RDP client to change regarding encrypting the connection.
You're trying to set this rule in the RDP configuration page; you should be setting it in the firewall configuration page.
Basically, you need to click start, search for Windows Firewall and follow the screen shots that I've provided below. You'll be adding a Remote IP Allow rule to the pre-defined RDP-IN rule that should already be enabled.

Edit: Added screenshots
Step 1: Open the Windows Firewall with Advanced Configuration
Step 2: Locate the Remote Desktop rule that's currently enabled and edit it.
Step 3: In the Scope tab, change the allowed Remote IPs field to whatever you want. This is the source address that you wish to restrict.
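
The scope change from Steps 1 to 3, scripted with `netsh` from an elevated PowerShell prompt, as an added example that is not part of the original answer. The rule name `Remote Desktop (TCP-In)` is assumed to be the server's default and `203.0.113.10` is a placeholder address; the script refuses to apply the change while any established RDP peer is a different address, so the current session is not cut off.

```powershell
# Added example: scope the built-in inbound RDP rule to one source address.
# Run from an elevated prompt. Works with PowerShell 2.0 (Windows 2008 R2).
$RuleName  = 'Remote Desktop (TCP-In)'   # assumed default rule name; confirm it in Step 2
$AllowedIp = '203.0.113.10'              # placeholder: the one address allowed to connect

# Show the rule before changing it; netsh exits non-zero if no rule matches.
netsh advfirewall firewall show rule name="$RuleName" verbose |
    Select-String 'Rule Name|Enabled|RemoteIP|Action'
if ($LASTEXITCODE -ne 0) { throw "No firewall rule named '$RuleName'." }

# Lock-out guard: collect the remote ends of established sessions on local
# port 3389 (IPv4 only). These are the addresses the firewall actually sees.
$peers = @(netstat -n |
    Select-String ':3389\s+(\d{1,3}(?:\.\d{1,3}){3}):\d+\s+ESTABLISHED' |
    ForEach-Object { $_.Matches[0].Groups[1].Value } |
    Select-Object -Unique)
$others = @($peers | Where-Object { $_ -ne $AllowedIp })
if ($others.Count -gt 0) {
    throw "Active RDP peer(s) $($others -join ', ') are not $AllowedIp; not applying."
}

# Equivalent of editing "Remote IP address" on the Scope tab.
netsh advfirewall firewall set rule name="$RuleName" new remoteip=$AllowedIp
if ($LASTEXITCODE -ne 0) { throw "netsh failed to update '$RuleName'." }

# Confirm the new scope.
netsh advfirewall firewall show rule name="$RuleName" verbose |
    Select-String 'RemoteIP'
```

If the guard stops the script, the address it prints is the source address the server sees for your session, which is the value the Scope tab needs.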