Windows Server Windows Firewall configuration blocking IP addresses

Discussion in 'Windows Security' started by HunterJoe, Oct 6, 2014.

  1. HunterJoe

    HunterJoe Senior Member

    Dec 19, 2009
    Hi all, long time reader.

    I can figure out most things on my own when it comes to Windows computers; however, we use Windows Server 2008 R2 at work, and my boss asked me last week to configure Windows Firewall so that only our IP addresses here in the office could RDP into the server (we have a static IP for each workstation).

    So I opened up Windows Firewall with Advanced Security, clicked on inbound rules, scrolled down to Remote Desktop (TCP-in), right-clicked, and went to properties.

    Here is where things get blurry for me. I know I checked the radio button that says "Allow the connection if it is secure", then the customize button, and selected the first option, "Allow the connection if it is authenticated and integrity-protected", as I thought this would apply to logged-in users, or authorized user accounts. But then I thought "Maybe we don't need this option." and I quickly googled how to restrict RDP by IP, and maybe... I clicked cancel... maybe not, and maybe... I checked it back to "Allow the connection"... maybe not???

    Either way, I then clicked on the "scope" tab, and clicked the radio button for the Remote IP Address section labeled "These IP Addresses:" and then clicked add. Then I entered our range of IP addresses (phoney addresses listed here) which are, but I think (and I am 100% sure on this one) that I entered the IP Addresses incorrectly as,

    Either way, RDP immediately disconnected me and we were not able to RDP for the rest of the day. Our server host is running Parallels to manage the VMs. They were able to stop the Windows Firewall Service, which enabled RDP again.

    So now my boss wants me to get the firewall back up, but if I restart the service, then the RDP rules will kick in, and we will be locked out again. Is there a way I can fix this? I am not able to run any netsh advfirewall commands as the service is not running. It throws an error every time I run any command.

    Please, please, please keep the laughs to a minimum, my fragile sense of usefulness has been under constant barrage from my co-workers since last Friday. Thanks in advance.
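
The lockout described in the post came from a remote-address scope that did not contain the workstation the change was made from. The following pre-flight check is an added example, not part of the original post: it parses a comma-separated scope list (single addresses, `low-high` ranges, subnets) and reports malformed entries and any admin workstation that would fall outside it. The function names and the documentation-range addresses are constructed for illustration, and keyword values such as `localsubnet` are not evaluated.

```python
import ipaddress

def parse_entry(entry):
    """Return (first, last) address for one scope entry; ValueError if malformed."""
    entry = entry.strip()
    if "-" in entry:                      # range written as low-high
        low, high = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
        if low.version != high.version or low > high:
            raise ValueError("range bounds are reversed or mixed: %r" % entry)
        return low, high
    if "/" in entry:                      # subnet, CIDR prefix or dotted mask
        # strict=True: host bits set (e.g. .10/24) is treated as a typo here
        net = ipaddress.ip_network(entry, strict=True)
        return net[0], net[-1]
    addr = ipaddress.ip_address(entry)    # single address
    return addr, addr

def preflight(scope_text, admin_ips):
    """Return a list of problems; an empty list means nobody is locked out."""
    problems, ranges = [], []
    for entry in scope_text.split(","):
        try:
            ranges.append(parse_entry(entry))
        except ValueError as exc:
            problems.append("malformed entry %r: %s" % (entry.strip(), exc))
    for ip in admin_ips:
        addr = ipaddress.ip_address(ip)
        if not any(lo.version == addr.version and lo <= addr <= hi
                   for lo, hi in ranges):
            problems.append("%s would be locked out" % ip)
    return problems

if __name__ == "__main__":
    # Constructed sample data (RFC 5737 documentation addresses).
    workstations = ["198.51.100.15", "203.0.113.7"]
    good = "198.51.100.10-198.51.100.20, 203.0.113.0/28"
    typo = "198.51.100.10-20, 203.0.113.0/28"   # abbreviated range upper bound
    for scope in (good, typo):
        print(scope, "->", preflight(scope, workstations) or "OK")
```

Only a scope string that comes back with no problems would then be entered on the rule's Scope tab.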
