Caltech
Information Management Systems and Services
IMSS  /  Services  /  Information Security  /  Security for IT Staff  /  Restricting Windows RDP to Campus

Restricting Windows RDP to Campus

Restricting Windows RDP to Campus

Restrict access to Windows Remote Desktop by creating an inbound firewall rule in the built-in Windows firewall. The instructions below apply to both Windows 7 and Windows 10.

1. Open your "Control Panel" by clicking on your start menu and then clicking on "Control Panel" (Windows 7) or by simply typing the word "Control Panel" in the search (Windows 10), and select "Windows Firewall". Note that you may first need to change the Control Panel "View by" setting, if it is currently set to "View by Categories".

Control Panel Windows Firewall



2. Click on "Advanced Settings"

Windows Firewall



3. Next, click on "Inbound Rules"

Windows Firewall Inbound Rules




4. Now scroll down and find the inbound rule for Remote Desktop. If there is more than one rule for Remote Desktop, be sure to modify scope for each one.

Inbound Rules Remote Desktop




5. Right click on the Remote Desktop rule and click on "Properties".

Remote Desktop Properties Protocols and Ports



6. Click on the "Scope" tab, and under the "Remote IP address" section and add the IP address range 131.215.0.0/16 to lock Remote desktop down to Caltech campus IP addresses only. Be sure to click "Apply" to apply your changes.

Remote Desktop Scope



7. Lastly, make sure this rule is actually Enabled. It will have a green check mark next to it to indicate that it is enabled.

Inbound Rules Remote Desktop