RDP and Blocking 3389

Hello All,

After reading this Is Your RDP Service Secure? | Twingate on using the application to allow for RDP whilst not exposing port 3389 what is the true solution’s to still being able to RDP into your Server if you still have to Have a public IP ( For other whitelisting purposes)

Hope this all makes sense… I’m guessing the only solution’s is to open 3389 or find another PORT for RDP which can still be scanned because the IP is Public.

Any suggestions?


How can i Use the Service to Have a secure RDP connection whilst having a Public IP because i need it for other service whitelisting

hi @zSolo,

there is no requirement to have a public IP attached to Connectors in Twingate. You do not need to open port 3389 publicly to achieve connectivity.

Hey @Bren

On my end i need a Public IP so my vendor can whitelist the Server. But when i Block 3389 even with Twingate connected i cannot RDP into the Server

You would need to block inbound connections to port 3389 but allow inbound traffic from the private IP of your Connector through port 3389: this way no public traffic can connect to your Windows server via port 3389 and only the Connector (from its private IP) can: this way, a user will need to be connected to Twingate (and have their traffic routed via the Connector) to access your server.

Thanks @Bren Your goated!