This guide will apply to Windows Desktop 10, Windows Desktop 11, Microsoft Windows Server 2019, Server 2022 and server 2025.
This knowledge base article will guide you through the process of allowing Remote Desktop Protocol (RDP) access from a specific IP address (e.g., 1.2.3.4) on a Windows system using the default predefined firewall rules.
By utilizing these predefined rules, you can ensure proper configuration while enhancing security by restricting RDP access to a trusted source.
Prerequisites:
- You need administrative privileges on the Windows system.
- Ensure you have the necessary firewall access to modify RDP settings.
Steps to Allow RDP Access from IP Address (1.2.3.4 )
Step 1: Open Windows Firewall Settings
1.1. Press Win + R on your keyboard to open the Run dialog.
2.1. Type firewall.cpl and press Enter. This opens the Windows Firewall settings.
Step 2: Modify Inbound Rules
2.1. In the Windows Firewall window, click on "Advanced settings" on the left-hand side.
Step 3: Allow Remote Desktop - User Mode (TCP-In)
3.1. In the Windows Firewall with Advanced Security window, select "Inbound Rules" on the left-hand side.
3.2. Locate the rule named "Remote Desktop - User Mode (TCP-In)" and double-click it to open the properties.
Step 4: Configure the Rule
4.1. In the Properties window, go to the "Scope" tab.
4.2. Under "Remote IP addresses," choose "These IP addresses."
4.3. Click "Add."
4.4. Select "This IP address or subnet:" and enter the specific IP address you want to allow (e.g., 1.2.3.4).
4.5. Click "OK," then "Apply," and finally "OK" to close the properties window.
Step 5: Allow Remote Desktop - User Mode (UDP-In)
5.1. Locate the rule named "Remote Desktop - User Mode (UDP-In)" in the Inbound Rules list and double-click it.
Step 6: Configure the UDP Rule
6.1. In the Properties window, go to the "Scope" tab".
6.2. Under "Remote IP addresses," choose "These IP addresses."
6.3. Click "Add."
6.4. Select "This IP address or subnet:" and enter the specific IP address you want to allow (e.g., 1.2.3.4).
6.5. Click "OK," then "Apply," and finally "OK" to close the properties window.
Step 7: Allow Remote Desktop - Shadow (TCP-In)
7.1. Locate the rule named "Remote Desktop - Shadow (TCP-In)" in the Inbound Rules list and double-click it.
Step 8: Configure the Shadow Rule
8.1. In the Properties window, go to the "Scope" tab".
8.2. Under "Remote IP addresses," choose "These IP addresses."
8.3. Click "Add."
8.4. Select "This IP address or subnet:" and enter the specific IP address you want to allow (e.g., 1.2.3.4).
8.5. Click "OK," then "Apply," and finally "OK" to close the properties window.
Step 9: Test the Connection
9.1. With the predefined rules now configured, attempt to establish an RDP connection from the allowed IP address (1.2.3.4). Use the Remote Desktop client and enter the target system's IP or hostname.