Open RDP Port 3389 for an entire subnet

  • Hello everybody,
    Can someone please give me a tip. I would like for a short time to open port 3389 in one subnet so that they can access via RDP to an external computer. Have PFSense in the current version. Is it sufficient under Firewall / Rules / WAN to set a corresponding rule? If yes how? IPv4 TCP / Destination: WAN Address / Destination Port: 3389 / Source ???

    Thanks and Greetings


  • ~~Yes it can be done by some port forwarding and redirects. But is it safe?  By no means would it be.

    Your best bet would be to set up VPN (s) and then you could access anything on the LAN on the other side of the firewall without allowing the rest of the world to try and steal your access.

    People will pound on your RDP for days if you open it up to the world.

    Otherwise..  pick a port for each of your LAN clients that you want to RDP into.  Port Forward-  destination port 600 as an example..~~ Edit-  this is outbound traffic the OP is asking about..  read below.    ;)

  • Probably another way or two to do it but this would be the way I would do it.

    You can restrict who can access these by limiting the source address to certain IP's but VPN is the way to go.

  • Thank you very much!!
    Is it also possible without forwarding? So for a whole subnet at once?
    I know it is very uncertain!

    Thanks and regards

  • This is a double post to the german section as well.
    There it was clearer that the intention is for all local PCs to reach out with RDP to one host.
    It's outbound traffic and shouldn't need special care.

  • Ah- Thanks jahonix!  Reading slower I see that now.

    pfsenselearner-  what he said.    :)

    Just read that thread there (with a little help from Google) and glad to see your getting help there.

    Good luck!    :)

  • Hello,
    sorry for the confusion and the double post!!

    Thank You all

    greetings pfsenselearner

Log in to reply