02-26-2020 06:53 AM - edited 02-26-2020 07:28 AM
I'm a newbie Cisco RV260 router owner. I want to provide RDP service for one user. I added the service for port 3389. I added a port forwarding entry. I added an Access Rule allowing access to the RDP service from the user's IP address only. This works - the user is now able to connect via RDP. My question is: for security, do I also need to add an Access Rule, with higher priority than the rule I added, that denies access to the RDP service from all sources? If I do that the user is unable to connect. Or do I have the priorities swapped, and the user-specific rule needs to have higher priority than the all-sources rule?
02-26-2020 09:15 AM
You will need the RDP rule to be above the block all rule, otherwise this will not work.
As for security, we usually do things slightly differently for RDP access: in the router, configure the external port number to something random like 60111, then forward internally to port 3389. 3389 is the standard RDP port number and I've had clients who have been brute force attacked through port 3389 to gain access to their machine. 3389 is probed by bots and hackers on a regular basis.
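The rule-ordering point in this thread, as an added example that is not part of either post and is not Cisco code: a small evaluator that assumes access rules are checked top-down and the first match decides (an assumption consistent with the answer above), plus a check that flags rules hidden behind an earlier, broader rule. The IP addresses are constructed documentation addresses, and the `Rule` fields are hypothetical names.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    source: str   # source network in CIDR form; "0.0.0.0/0" means any source
    port: int     # destination port of the service the rule covers


def evaluate(rules, src_ip, port, default="deny"):
    """Return (action, rule index) for the first rule that matches, top-down.

    Assumption: first match wins; `default` applies when nothing matches.
    """
    addr = ipaddress.ip_address(src_ip)
    for index, rule in enumerate(rules):
        if rule.port == port and addr in ipaddress.ip_network(rule.source):
            return rule.action, index
    return default, None


def shadowed(rules):
    """Indices of rules that can never match: an earlier rule for the same
    port already covers their entire source range."""
    hidden = []
    for index, rule in enumerate(rules):
        net = ipaddress.ip_network(rule.source)
        for earlier in rules[:index]:
            if earlier.port == rule.port and net.subnet_of(
                ipaddress.ip_network(earlier.source)
            ):
                hidden.append(index)
                break
    return hidden


# Constructed sample data (RFC 5737 documentation addresses).
USER_IP = "203.0.113.10"
OTHER_IP = "198.51.100.7"
ALLOW_USER = Rule("allow", "203.0.113.10/32", 3389)
DENY_ALL = Rule("deny", "0.0.0.0/0", 3389)

WORKING_ORDER = [ALLOW_USER, DENY_ALL]   # specific allow above block-all
BROKEN_ORDER = [DENY_ALL, ALLOW_USER]    # block-all above the allow

if __name__ == "__main__":
    for name, rules in (("working", WORKING_ORDER), ("broken", BROKEN_ORDER)):
        print(name, "user:", evaluate(rules, USER_IP, 3389),
              "other:", evaluate(rules, OTHER_IP, 3389),
              "shadowed:", shadowed(rules))
```
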
02-26-2020 01:44 PM
Thanks!