GPO To Set Firewall Exception For Windows 10 RDP

Slingshot recently rolled out several Windows 10 Pro systems for a customer, and discovered their existing GPO’s firewall rules weren’t enough to allow RDP from within the LAN.

Susan’s post Windows 10 and SBS/Essentials Platforms showed how to do it as a one-off.  But I wanted a GPO!  Google let me down, returning a lot of confusion and complicated workarounds.  (I shared this with Susan and she blogged it, which reminded me of my own blog, duh, so here it is!)

I went exploring GPO, and found the right setting under the Advanced Firewall section:  Computer Configuration->Windows Settings->Security Settings->Windows Firewall with Advanced Security->Inbound Rules->New Rule->Predefined->Remote Desktop – RemoteFX :
GPO for W10 RDP

That’s it!  Tested and confirmed working in production.

(Note: this is in addition to the usual rules at Computer Configuration->Administrative Templates->Network Connections->Windows Firewall->Domain Profile)

 

Bookmark the permalink.

7 Responses to GPO To Set Firewall Exception For Windows 10 RDP

  1. Tal says:

    Thank you so much Rob. I had already set the rule in the usual place, and never thought there was a second place. Even all the MS guides don’t mention this.

    Working fine now. Thanks again!

  2. Éric Sylvain Périard says:

    Was this GPO generated from a Windows 2012 R2 server?

    I’m running a 2012 R2 AD box with the latest Windows 10 ADMX and I do not see this predefined rule.

  3. Rob Eberhardt says:

    Hi Eric. I believe it was on 2008 R2 box, but I would have expected 2012+ to be the same.

  4. Gopal Sharma says:

    i do not get remotefx in predefined firewall. i cant connect remote desktop to my computer (win10 64bit) from my windows phone 8.1. But when i turn off private firewall, then i can connect. i have tried to set all inbound rules related to remote desktop/assistance but not worked. I need your help please

  5. Neil says:

    Same here, this option was not available. I only have Remote Desktop as an option, however this was sufficient for RDP on the LAN.

  6. Greg Woods says:

    I had assumed the answer lay in updating the ADMX templates, but these don’t appear to add the new Windows 10 “Remote Desktop – User Mode” options to the Security part of the Group Policy.

    Your fix works perfectly, even though, once the policy is deployed, I cannot see any trace of “Remote Desktop – RemoteFX” on my Windows 10 PC.

  7. David Jones says:

    “(Note: this is in addition to the usual rules at Computer Configuration->Administrative Templates->Network Connections->Windows Firewall->Domain Profile)”

    Their the ones I’m having difficulty finding information on. The GUI part you’ve shown is the easy part!

Leave a Reply to Tal Cancel reply

Your email address will not be published. Required fields are marked *