Access remote desktop exclusively from a computer

Fabio Bernini 31 Reputation points
2021-12-14T15:29:17.58+00:00

Good morning to all and thank you to read my question.
I wonder if there is the possibility to connect to a server with Windows Server 2019 in remote desktop with some configuration that allows the connection via a user but only by a specific computer or that if the connection with that user is performed with a computer Unlike it is not possible. Thank you and greetings.

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,397 questions
Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,189 questions
0 comments No comments
{count} votes

5 answers

Sort by: Most helpful
  1. Clément BETACORNE 2,026 Reputation points
    2021-12-16T13:15:54.233+00:00

    Hello,

    You can play with Windows Firewall in order to achieve what you want, below a thread regarding that to help you :
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/49935196-6c86-4eed-863a-9d291497fb56/firewall-to-block-external-remote-desktop-connections?forum=winserversecurity

    Regards,

    0 comments No comments

  2. Limitless Technology 39,296 Reputation points
    2021-12-17T11:50:14.95+00:00

    Hi @Fabio Bernini

    Yes, this is possible, just follow the steps on the next thread's solution:

    https://learn.microsoft.com/en-us/answers/questions/235264/how-to-restrict-rdp-connection-to-specific-source.html

    Hope this helps with your query,

    --If the reply is helpful, please Upvote and Accept as answer--

    0 comments No comments

  3. Fabio Bernini 31 Reputation points
    2021-12-18T09:09:43.837+00:00

    Hi, thanks for the rides. I have read both links. For that of ClementBetacorne, maybe it's not what he's right.
    I explain better the situation is this: I have a client who would like to connect a remote employee (from home) but only by a specific notebook. I don't know why this idea but that's what he asked.
    The LimitlessTechnology-2700 link may perhaps solve the problem. I say maybe because I have the feeling that the computer must have performed the join to the domain. I say this because I did a test following what was said in the post and I think a computer object cannot be added to the firewall rule if it is not present in Active Directory. Unfortunately the notebook has Windows Home. I'll just have to try.

    0 comments No comments

  4. Fabio Bernini 31 Reputation points
    2021-12-28T14:22:42.73+00:00

    Hello everyone. In the end I tried the post method suggested by "LimitlessTechnology-2700". Unfortunately as I imagined in all probability the method works only with computers logged to the domain. In fact, computers without joining the domain all connect without problems. Unfortunately it does not solve my problem because any computer that has not joined the domain can connect.

    0 comments No comments

  5. Allan Lauritzen 11 Reputation points
    2021-12-28T21:47:46.84+00:00

    You could set up IPSEC with certificates on the affected machines, possibly in conjunction with NAP and use the Windows Firewall to filter RDP traffic which is coming in unencrypted.

    But it seems like a lot of work, If the pc has an static ip then maybe a firewall rule based on that ip ?

    Question is the non domain machine and the target server on the same network, or are you connectiong trhough an Firewall / network appliance that might do some sort of access control for you ?

    0 comments No comments