How to set up limited remote access to the server?

S

Slade2018-06-07 17:14:00

Remote access

Slade, 2018-06-07 17:14:00

Good day.
I am new to administration. Got Windows Server 2016 standart edition. Has one network adapter with external IP.
I need to organize remote access to this machine for a small number of users (up to 50 people). At the same time, for security reasons, prohibit incoming connections for all others.
The main problem is that most users do not have dedicated (white) IP addresses, which makes setting up an address filter through the Windows Firewall difficult and very inconvenient.
I would like to know what options for setting up secure access in my case?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

A

Alexander, 2018-06-07
@Slade

I would not recommend sticking out the RDP port (at least the standard one) - so that all sorts of bots do not hammer it (the constant launch of winlogon devours resources). Make a VPN and let them connect first to it, and then to RDP.

E

EvgenyT, 2018-06-07
@EvgenyT

If your users have domain accounts, then these accounts can be placed in the remote connection users group. All other users will not be able to connect.

C

CityCat4, 2018-06-07
@CityCat4

VPN.
You can even use a standard Windows one - not a cake, but without fish you will turn into cancer yourself :)
Everyone who needs a VPN - in a group like "VPN access" and access to VPN only to this group. The rest will not be able to connect.
Allow RDP only for LAN - bots will constantly hack the server, sorting out the password.