Hello, I was thinking about allowing only local IP range (from withing my organization) to my machine (via remote desktop that I want to run at home). I'll be using VPN and will get my organizations IP range when connecting (thus I will automaticallty get an ip from my organizations range). Is it possible to restrict ip range that is allowed for remote desktoping to my computer? If possible, how should I do it exactly? Regards Zoran

Hi, From the command line: netsh advfirewall firewall add rule name="Inbound_RDP" dir=in action=allow protocol=tcp localport=3389 localip=any remoteip=localsubnet description= "Allow Remote Desktop" more exemple : netsh advfirewall firewall add rule /? (or use mmc.exe with the snapin "firewall with advanced settings") Hope this help jean-marc Habyjean-marc Haby

You can go through graphic interface to achieve purpose by following steps 1. Go to Control Panel\System and Security\Windows Firewall, chose the Advanced settings. 2. Chose the Inbound Rules, chose New Rules. 3. Chose Port , next. 4. Chose TCP and Specific local ports, type 3389 in the textbox,next. 5. Chose Allow the connection,next. 6. Check Domain, Private, Public in the checkbox. 7. Type a name for this policy and finish. Then the rule will appeared in the list. 8. Double click the rule, chose the Scope tab. 9. Chose These IP address in Remote IP address, click add and type the address or subnet in the textbox. Or chose “local subnet” under Predefined set of computers.