Hot!Can't RDP to server after enable IPS Profile

Author
tester00131
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/08/28 09:57:08
  • Status: offline
2020/08/28 10:01:22 (permalink)
0

Can't RDP to server after enable IPS Profile

I want to protect my server from RDP Brute forces but after enable Security Profiles. I can't access to server anymore.
 
#1

2 Replies Related Threads

    Yurisk
    Silver Member
    • Total Posts : 100
    • Scores: 22
    • Reward points: 0
    • Joined: 2011/12/04 03:30:01
    • Status: offline
    Re: Can't RDP to server after enable IPS Profile 2020/08/30 22:30:41 (permalink)
    0
    - Without looking at your policy & Security Profile impossible to say what might have happened.
    - Fortigate does not proxy RDP connections so it will not differentiate between successful/failed RDP login attempts to block the brute force flood. 
    #2
    tester00131
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/08/28 09:57:08
    • Status: offline
    Re: Can't RDP to server after enable IPS Profile 2020/08/31 00:23:27 (permalink)
    0
    My config is
    #####
    config firewall policy
    edit 5
    set name "NATING_to_WEBs1"
    set uuid ****
    set srcintf "VLAN 401"
    set dstintf "VLAN 410"
    set srcaddr "y.y.y.y"
    set dstaddr "WEBs1toINTERNET" # this object is NAT public : 180.1x.x.x to private 192.168.1.10
    set action accept
    set schedule "always"
    set service "ALL"
    set utm-status enable
    set ips-sensor "default"
    set logtraffic all
    next
    end
    #####
     
    IF I try to RDP to 180.1x.x.x  when enable ips-sensor, result is fail. 
    IF I try to RDP to 180.1x.x.x  when disable ips-sensor, result is success. 
    #3
    Jump to:
    © 2020 APG vNext Commercial Version 5.5