Strategy for RDP to server behind firewall?

I have a Sophos XG behind which is a server which I'd like to access via RDP. I have DNAT setup to forward the port to the server, but I don't want to leave it turned on all the time. I could turn on remote HTTPS to the FW, and turn the DNAT rule on and off as needed. Any other reasonably secure strategies?

Thanks!



Edited TAGs
[edited by: emmosophos at 6:56 PM (GMT -7) on 5 Aug 2022]
Parents
  • VPN to allow RDP is a good solution ... as stated by Emmanuel.
    If you DNAT RDP, you should allow access from some external IP's only.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Reply
  • VPN to allow RDP is a good solution ... as stated by Emmanuel.
    If you DNAT RDP, you should allow access from some external IP's only.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Children
No Data