Created
August 8, 2023 07:09
-
-
Save rikka0w0/25c38add7ca2fc0d2d549cce87f61d6f to your computer and use it in GitHub Desktop.
Only allow local access to remote desktop
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Get the "Remote Desktop - User Mode (TCP-In)" rule | |
$rule = Get-NetFirewallRule -DisplayName "Remote Desktop - User Mode (TCP-In)" | |
# Get the associated firewall filter | |
$filter = Get-NetFirewallAddressFilter -AssociatedNetFirewallRule $rule | |
# Set the private IPv4 and IPv6 ranges, including full loopback and link-local addresses, for the Remote Address | |
Set-NetFirewallAddressFilter -InputObject $filter -RemoteAddress "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7", "fd00::/8", "127.0.0.0/8", "169.254.0.0/16", "fe80::/10" | |
# Set the port to 3389 | |
Set-NetFirewallRule -Name $rule.Name -LocalPort 3389 -RemotePort 3389 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment