Firewall blocking RDP \ End User's Network?

nevets · Mar 24, 2020, 6:48 PM

Sorry if this is not the right category.

Background:
A few users has been able to use windows RDP to access the office network for over a year now. It stopped working this Monday. It seems like their home network got blocked somehow.

The same RDP shortcut works when I tested it from my personal system as well as multiple other different networks. I had one of the users tap into their mobile hot spot and they were able to connect fine afterwards. I tried checking the logs but didn't really see anything blocking their specific public IP.

Any suggestions?

Thanks in advance!

noplan · Mar 24, 2020, 7:15 PM

@nevets said in Firewall blocking RDP \ End User's Network?:

users has been able to use windows RDP to access the office network for over a year now. It stopped working this Monday. It seems like their home network got blocked somehow.
The same RDP shortcut works when I tested it from my personal system as well as multiple other different networks. I had one of the users tap into their mobile hot spot and they were able to connect fine afterwards. I tried checking the logs but didn't really see anything blocking their specific public IP.
Any suggestions?
Thanks in advance!

on openVPN we run into the NetBios thing,
after enabling this it was gone.

hope this could help
#stayhealthy

SteveITS · Apr 1, 2020, 9:12 PM

It sounds weird but we've had a case where restarting the Comcast router/modem in the office (outside the pfSense) fixes the issue. So apparently the Comcast hardware had started blocking the IPs. And yes we turned off the security on it so either it blocked it anyway or turning off the security was insufficient to remove the block (I'm not sure which, it was a coworker solving this for a client). It happened again yesterday.

Edit: I was just told we've seen this at three locations now, twice each at two clients for Remote Desktop, and once this week where one user couldn't connect via OpenVPN but all other staff could.

joniga1067 · Mar 27, 2020, 2:35 PM

Hi buddy, thou this never happened to me previously but clearing the DNS of the network might help solve the issue.

Regards,
J. Smith

nevets · Apr 1, 2020, 9:12 PM

@teamits Thanks Steve! It doesn't make much sense but restarting the modem ended up resolving it for us as well. Thanks for sharing your experience.

SteveITS · Apr 1, 2020, 9:22 PM

@nevets No problem, given it's widespread it seems like it's a Comcast bug? Firmware? Expect it to recur in a month or two... :(