Win2003 Remote Desktop 3389 Security Policy Limit IP

Step 1: Add Allowed IP Segments

Start, Run, gpedit.msc, Computer Configuration, Windows Settings, Security Settings, IP Security Policy, Changlai Net Dedicated IP security policy, double-click to open, then double-click to open, then click Add, click Next, enter description, next, source address select a specific IP subnet, enter the following IP address, such as your server IP is 61.164.140.43, enter 61.164.140.0, the following subnet mask input 255.255.255.0, then click Next, the target address is selected my IP address, the next step, the protocol type is selected, then click Next, then click Finish, then click OK until you return to the Group Policy window, then close it.

Step 2: Reject all IP segments to connect to port 3389

Start, run, gpedit.msc, computer configuration, Windows settings, security settings, IP security policy, frequent network private IP Security policy, double-click to close, then double-click to close, then click Add, click Next, enter description, next, source address select any IP address, next, target address select my IP address, next step, select protocol type For TCP, click Next. The default from the previous port is unchanged. The following is the point to the port and then fill in 3389, then click Next, click Finish, then click OK, then click Close, click Apply, then click OK. Finished.

If your IP address is changed frequently, ADSL can add several network segments that you use frequently in the allowed network segment. If the IP is 123.6.71.231, you only need to enable the above. IP61.164.140.0 in the IP segment is replaced by 123.6.0.0, because the number of two digits behind ADSL often changes but the first two digits do not change often! Enter 255.255.0.0 for the subnet mask, and all other operations are the same.