brichardi asked brichardi commented

Configure GPO settings for Windows Defender Firewall with Advanced Security.

Hello GPO guru,

I am trying to configure domain GPO settings for the Windows Defender Firewall with Advanced Security for Tier domain access.

These are the requirements:

From IT Desktops:
Outbound: Deny RDP from all IT Desktops to all user Workstations and Member Servers.

From PAW (Privileged Access Workstation):
Inbound: Only accept RDP connections from IT Desktops or a subnet.

I tried everything I can think of, but nothing is working.

Thanks for your help

windows-group-policy

1 Answer

TKujala answered brichardi commented

I've seen the article that you included and tested it, but it's not working. Anyway, I figured it out, and now it is working. Everyone is denied when they RDP directly to a server/desktop unless they RDP from the PAW server.

Another issue: I configured the FW on the local desktop/server to test, and everything is working fine, but when I transfer the GPO settings to a domain GPO, I can see the GPO is applied, but the RDP policy settings didn't work.

I have made sure the test PC/Server is in a test OU with Block inheritance, so there is no conflict with other GPO.

Maybe there are differences in GPO templates. My servers are Windows 2016, PCs are Windows 10, and the Domain Controller is still 2012 R2.
