How to Allow RDP Access from a Specific IP Address on Windows Remote Desktop

This knowledge base article will guide you through the process of allowing Remote Desktop Protocol (RDP) access from a specific IP address (e.g., 1.2.3.4) on a Windows system using the default predefined firewall rules. By utilizing these predefined rules, you can ensure proper configuration while enhancing security by restricting RDP access to a trusted source.

Prerequisites:

• You need administrative privileges on the Windows system.
• Ensure you have the necessary firewall access to modify RDP settings.

Steps to Allow RDP Access from IP Address 1.2.3.4:

Step 1: Open Windows Firewall Settings

1. Press Win + R on your keyboard to open the Run dialog.
2. Type firewall.cpl and press Enter. This opens the Windows Firewall settings.

Step 2: Modify Inbound Rules

1. In the Windows Firewall window, click on "Advanced settings" on the left-hand side.
   • 

Step 3: Allow Remote Desktop - User Mode (TCP-In)

1. In the Windows Firewall with Advanced Security window, select "Inbound Rules" on the left-hand side.
2. Locate the rule named "Remote Desktop - User Mode (TCP-In)" and double-click it to open the properties.
3. 

Step 4: Configure the Rule

1. In the Properties window, go to the "Scope" tab.
2. Under "Remote IP addresses," choose "These IP addresses."
3. Click "Add..."
4. Select "This IP address or subnet:" and enter the specific IP address you want to allow (e.g., 1.2.3.4).
5. Click "OK," then "Apply," and finally "OK" to close the properties window.
6. 

Step 5: Allow Remote Desktop - User Mode (UDP-In)

1. Locate the rule named "Remote Desktop - User Mode (UDP-In)" in the Inbound Rules list and double-click it.

Step 6: Configure the UDP Rule

1. In the Properties window, go to the "Scope" tab.
2. Under "Remote IP addresses," choose "These IP addresses."
3. Click "Add..."
4. Select "This IP address or subnet:" and enter the specific IP address you want to allow (e.g., 1.2.3.4).
5. Click "OK," then "Apply," and finally "OK" to close the properties window.

Step 7: Allow Remote Desktop - Shadow (TCP-In)

1. Locate the rule named "Remote Desktop - Shadow (TCP-In)" in the Inbound Rules list and double-click it.

Step 8: Configure the Shadow Rule

1. In the Properties window, go to the "Scope" tab.
2. Under "Remote IP addresses," choose "These IP addresses."
3. Click "Add..."
4. Select "This IP address or subnet:" and enter the specific IP address you want to allow (e.g., 1.2.3.4).
5. Click "OK," then "Apply," and finally "OK" to close the properties window.

Step 9: Test the Connection

1. With the predefined rules now configured, attempt to establish an RDP connection from the allowed IP address (1.2.3.4). Use the Remote Desktop client and enter the target system's IP or hostname.

Conclusion:

By following these steps, you have successfully configured your Windows system to allow Remote Desktop Protocol (RDP) access from the specific IP address (1.2.3.4) using the default predefined firewall rules. This approach enhances security by leveraging existing rules to restrict RDP access to a trusted source.

Note: Always exercise caution when modifying firewall and security settings. Make sure you are following your organization's security guidelines and best practices.