I have Thousands of IPs trying to access my fortigate using RDP, some china, russia, usa, how can i bulk block the IPS and only allow just a few that I know to access RDP.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
End user will connect via RDP to an external (WAN) IP address to access the internal (LAN) host with a customized RDP port. The standard RDP port is 3389.
While configuring the RDP policy, in the Source you can add only the specific IPs which you want to allow.
Please refer to the below document:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Use-RDP-via-VIP/ta-p/210093
Hi Josiah,
I understood that you are facing issue as multiple IP's to access your Fortigate device using RDP and those ip's are from china, russia, usa location.
You want to allow the traffic with some specific ip's, you can do the same by allowing only the specific public ip's to be in the source of the policy.
Also you can allow/block the specific geolocation to access the RDP devices, you can refer below KB for the same. Hope it will help.
GEO IP - Blocklisting & whitelisting countries & regions
https://docs.fortinet.com/document/fortiweb/7.2.3/administration-guide/226257/geo-ip-blocklisting-wh...
Regards,
Pratik
End user will connect via RDP to an external (WAN) IP address to access the internal (LAN) host with a customized RDP port. The standard RDP port is 3389.
While configuring the RDP policy, in the Source you can add only the specific IPs which you want to allow.
Please refer to the below document:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Use-RDP-via-VIP/ta-p/210093
Hi Josiah,
I understood that you are facing issue as multiple IP's to access your Fortigate device using RDP and those ip's are from china, russia, usa location.
You want to allow the traffic with some specific ip's, you can do the same by allowing only the specific public ip's to be in the source of the policy.
Also you can allow/block the specific geolocation to access the RDP devices, you can refer below KB for the same. Hope it will help.
GEO IP - Blocklisting & whitelisting countries & regions
https://docs.fortinet.com/document/fortiweb/7.2.3/administration-guide/226257/geo-ip-blocklisting-wh...
Regards,
Pratik
Thank you.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1640 | |
1069 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.