Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
JOSIAH_BOZIAH
New Contributor III

Created on ‎07-11-2023 01:04 PM

How can I bulk all the Addresses Trying to access my Remoted desktop connection.

I have Thousands of IPs trying to access my fortigate using RDP, some china, russia, usa, how can i bulk block the IPS and only allow just a few that I know to access RDP.

Labels:
1217
0 Kudos
2 Solutions
kaman
Staff
Staff

Created on ‎07-11-2023 09:10 PM

End user will connect via RDP to an external (WAN) IP address to access the internal (LAN) host with a customized RDP port. The standard RDP port is 3389.

While configuring the RDP policy, in the Source you can add only the specific IPs which you want to allow.

Please refer to the below document:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Use-RDP-via-VIP/ta-p/210093

View solution in original post

1192
0 Kudos
pjawalekar
Staff
Staff

Created on ‎07-13-2023 11:10 PM

Hi Josiah,

I understood that you are facing issue as multiple IP's to access your Fortigate device using RDP and those ip's are from china, russia, usa location.

You want to allow the traffic with some specific ip's, you can do the same by allowing only the specific public ip's to be in the source of the policy.

Also you can allow/block the specific geolocation to access the RDP devices, you can refer below KB for the same. Hope it will help.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-block-by-country-or-geolocation/ta-...


GEO IP - Blocklisting & whitelisting countries & regions
https://docs.fortinet.com/document/fortiweb/7.2.3/administration-guide/226257/geo-ip-blocklisting-wh...

 

Regards,

Pratik

 

 

 

View solution in original post

1170
0 Kudos
3 REPLIES 3
kaman
Staff
Staff

Created on ‎07-11-2023 09:10 PM

End user will connect via RDP to an external (WAN) IP address to access the internal (LAN) host with a customized RDP port. The standard RDP port is 3389.

While configuring the RDP policy, in the Source you can add only the specific IPs which you want to allow.

Please refer to the below document:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Use-RDP-via-VIP/ta-p/210093

1193
0 Kudos
pjawalekar
Staff
Staff

Created on ‎07-13-2023 11:10 PM

Hi Josiah,

I understood that you are facing issue as multiple IP's to access your Fortigate device using RDP and those ip's are from china, russia, usa location.

You want to allow the traffic with some specific ip's, you can do the same by allowing only the specific public ip's to be in the source of the policy.

Also you can allow/block the specific geolocation to access the RDP devices, you can refer below KB for the same. Hope it will help.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-block-by-country-or-geolocation/ta-...


GEO IP - Blocklisting & whitelisting countries & regions
https://docs.fortinet.com/document/fortiweb/7.2.3/administration-guide/226257/geo-ip-blocklisting-wh...

 

Regards,

Pratik

 

 

 

1171
0 Kudos
JOSIAH_BOZIAH
New Contributor III

Created on ‎07-14-2023 12:26 AM

Thank you.

1158
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.