Deny incoming RDP

  • Hello,
    Is it possible to allow RDP connections from the local network to WAN and at the same time block any incoming traffic from the RDP port?
    In fact, I would like to deny any connection from WAN to local on the RDP port while keeping access to my TSE from local to the external Cloud (TSE session).
    Thanks in advance,

  • LAYER 8 Rebel Alliance

    Yes, this is no problem.
    By default pfSense blocks any incoming WAN connection anyway and allows any LAN.


  • Can you please tell me how to check that incoming WAN traffic is blocked?

  • LAYER 8 Rebel Alliance

    No WAN Rules = everything blocked.
    And it is logged into your Firewall Log.


  • This is from an older version of pfsense, but I'm pretty sure the Firewall -> Rules -> WAN tab reads the same with a brand new default install. I can't easily take a screenshot of mine, since it's filled with a bunch of rules.

    Those 2 rules listed are default WAN rules, nothing else is allowed to pass thru, inbound.


    And your RDP out from local LAN network to the cloud should work just fine, if you didn't change, or delete, the LAN firewall rule to allow LAN to any. That rule is also a default on a fresh install of pfsense.
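
The firewall-log check mentioned in the replies above, as an added example that is not part of the original thread: it parses pfSense raw filterlog lines and lists inbound TCP/3389 hits on WAN by action. The WAN interface name `em0` and every log line are constructed assumptions.

```python
import re

RDP_PORT = 3389
WAN_IF = "em0"  # assumption: name of the WAN interface on this firewall

# Constructed sample lines in pfSense's raw filterlog CSV layout.
SAMPLE_LOG = """\
Mar  3 10:15:01 fw filterlog[4242]: 4,,,1000000103,em0,match,block,in,4,0x0,,242,54321,0,none,6,tcp,40,198.51.100.7,203.0.113.10,51515,3389,0,S,1234567890,,1024,,
Mar  3 10:15:09 fw filterlog[4242]: 82,,,0100000101,em1,match,pass,in,4,0x0,,128,1177,0,DF,6,tcp,52,192.168.1.20,198.51.100.50,49822,3389,0,S,987654321,,64240,,mss;nop;wscale
Mar  3 10:16:30 fw filterlog[4242]: 4,,,1000000103,em0,match,block,in,4,0x0,,51,0,0,DF,17,udp,78,198.51.100.9,203.0.113.10,40000,137,58
Mar  3 10:17:02 fw filterlog[4242]: 90,,,1700000001,em0,match,pass,in,4,0x0,,117,2210,0,DF,6,tcp,52,198.51.100.8,203.0.113.10,50111,3389,0,S,55555,,8192,,mss
Mar  3 10:17:40 fw filterlog[4242]: 4,,,1000000105,em0,match,block,in,6,0x00,0x00000,49,TCP,6,20,2001:db8::7,2001:db8:1::10,51516,3389,0,S,777,,1024,,
"""

def parse_filterlog(line):
    """Return a dict for a TCP/UDP filterlog entry, or None for anything else."""
    m = re.search(r"filterlog(?:\[\d+\])?: (.*)$", line)
    if not m:
        return None
    f = m.group(1).split(",")
    if len(f) < 9:
        return None
    # Field 8 is the IP version; it decides where protocol and addresses sit.
    if f[8] == "4":
        proto_i, addr_i = 16, 18
    elif f[8] == "6":
        proto_i, addr_i = 12, 15
    else:
        return None
    if len(f) < addr_i + 4 or f[proto_i].lower() not in ("tcp", "udp"):
        return None
    return {"iface": f[4], "action": f[6], "dir": f[7],
            "proto": f[proto_i].lower(), "src": f[addr_i], "dst": f[addr_i + 1],
            "sport": int(f[addr_i + 2]), "dport": int(f[addr_i + 3])}

def rdp_inbound_wan(log_text, wan_if=WAN_IF):
    """Split inbound TCP/3389 hits on WAN into (blocked, passed) source lists."""
    blocked, passed = [], []
    for line in log_text.splitlines():
        e = parse_filterlog(line)
        if (e and e["iface"] == wan_if and e["dir"] == "in"
                and e["proto"] == "tcp" and e["dport"] == RDP_PORT):
            (blocked if e["action"] == "block" else passed).append(e["src"])
    return blocked, passed

if __name__ == "__main__":
    blocked, passed = rdp_inbound_wan(SAMPLE_LOG)
    print("blocked inbound RDP on WAN from:", blocked)
    print("PASSED inbound RDP on WAN from:", passed)
```

Any source in the passed list means a WAN rule or port forward is letting RDP in; a pass entry only shows up in the log when logging is enabled on that rule.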

