Windows Remote Desktop blocking

[JimCanaday]

Can anyone answer a question about Untangles ability to selectively block outbound Remote Desktop? I have remote users that must be able to remote desktop into my servers but, at the same time, must not be able to RD anywhere else.

There is a site-to-site IPSec VPN. The remote users are at 192.168.3.x/24 and the main office is at 10.0.0.x/24.

They are currently RD'ing to a 10.0.0.x:3389 server through the VPN, but it doesn't matter if they have to switch to my outside IP.

The remote site is a prison and the users are offenders - and they are not allowed internet access. When they RD into my server, it boots into an application other than explorer. I need to make sure they cannot RD into ANY other computer and then reach the internet. I've managed all my other security requirements through Group Policy and Proxy Servers but, this requirement has me stymied. Can Untangle help?

Thanks in advance

[sky-knight]

The firewall responsible for the 192.168.3.x/24 segment...

Block All by default... pass rule that stipulates access to destination address of 10.0.0.0/24 destination port 3389?

This is firewalling 101...

[JimCanaday]

Wow. I guess I'm just too used to lame firewalls, (like the windows firewall) that don't normally filter any outbound traffic, to think of the obvious.

I am suitable humbled by having the obvious pointed out to me and thankful you were polite about it.

Thank you.

[sky-knight]

The windows firewall is quite potent when configured correctly. But, it is certainly no substitute for a real firewall in the network chain. Untangle's firewall only filters TCP and UDP traffic, so if using Untangle for this purpose keep that in mind. You may need to leverage the packet filter to prevent other protocols from passing as well.