We allow users to connect to their computers in work via Remote Desktop over VPN connection. Within the office they can connect to other networks but for security reasons cannot do so from home as many come in from potentially unsecure wireless connections. Using Remote Desktop, users can obviously bypass all this and although it all happens within an RDP session, it's still a potential security hole.Is it possible to apply a policy that would mean when users are connected via RDP they can only access defined networks?Thanks in advance,David

Hi,I'm not an expert on Remote Desktop but....If you run Remote Desktop (type remote into Start Menu search) and under the 'Advanced' tab there's a Connect from anywhere 'Settings'. I'm wondering if there's anything there that could help you.Sorry I couldn't be more specific :(JeffIf anyone is helpfull, please click the 'Vote as helpfull' icon. If anyone has answered, please click 'Suggest as answer' at the bottom of the post involved :) Thanks

Thanks for the reply. I'm specifically referring to a security policy that would be applicable to users once they are within the RDP session. I'm guessing that it's not possible within RDP - have looked into all the Group Policy settings available for RDP, but am wondering if there is anything within Windows Firewall / IPSec that would allow rules to be set so that certain network access could be blocked when a user is within an RDP session. I'm also referring specifically to Windows Vista / 7 desktops as opposed to a Terminal Server.Hope this helps make things clearer.David

If your users are connected via RDP they can do everything they can when logged on locally to the system. There is no way to make your workstations act different on RDP logon than for local logon. You can however block the client from using the certain resources like remote drives when connected via RDP. This way you can block file transfers over the RDP connection. You can use Group Policy to do this. Look for the settings under Computer Configuration | Administrative Templates | Windows Components | Remote Desktop Services | Remote Desktop Session Host | Device and Resource Redirection.I hope this helps you to create a more safe solution.Ray