How to limit Remote Desktop Connection connections to a specific network interface in Windows XP

Article ID: 924927

INTRODUCTION

By default, Microsoft Windows XP Remote Desktop and Terminal Services use all available network interfaces to listen for Remote Desktop Protocol (RDP) requests. As a security option, you may want to limit this to a specific network interface.

This article describes how to configure the listening interfaces on a Windows XP-based computer.

MORE INFORMATION

Method 1: Create a policy to block RDP requests from a specific network interface in Windows XP with Service Pack 2 (SP2)

To create a firewall policy to block RDP requests from a specific network interface in Windows XP SP2, follow these steps:
  1. Click Start, click Run, type firewall.cpl, and then click OK.
  2. On the Advanced tab, click to select the connection for which you want to configure RDP connections under Network Connection Settings, and then click Settings.
  3. On the Services tab, locate Remote Desktop, click the check box to enable or disable the option, and then click OK.
  4. Repeat step 3 for the remaining network connections.
Note These steps can differ from one firewall to another.

Method 2: Manually edit the registry and add registry entries to enable listening for RDP requests

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 How to back up and restore the registry in Windows


To manually edit the registry and add registry entries to enable listening for RDP requests, follow these steps:
  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click the following registry subkey:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces
  3. Right-click the GUID of the network adapter you want RDP to listen on, and then click Copy Key Name.
  4. Locate and then click the following registry subkey:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
  5. On the Edit menu, click New, and then click Key.
  6. Type lanatable, and then press ENTER.
  7. Right-click the lanatable subkey, click New, and then click Key.
  8. Paste the GUID name that you copied in step 3. Delete any path information that is in the pasted text.
  9. Right-click this new key, click New, and then click DWORD Value.
  10. Type LanaId and then press ENTER.
  11. Double-click LanaId, type 1, and then click OK.
  12. Locate and then click the following registry subkey:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
  13. Double-click LanAdapter, change the value to 1, and then click OK.
  14. Exit Registry Editor.
  15. Restart the computer.
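
A read-only PowerShell check of the Method 2 settings, added here as an example and not part of the original article. It assumes that LanAdapter under RDP-Tcp selects the lanatable entry with the same LanaId (the steps set both to 1); the function name Get-RdpBinding is hypothetical.

```powershell
# Added example: reads the registry values from Method 2 and reports which
# interface RDP is limited to. Nothing is written to the registry.
# Uses only cmdlets available in Windows PowerShell 2.0.
$ts      = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$lanaKey = Join-Path $ts 'lanatable'
$rdpTcp  = Join-Path $ts 'WinStations\RDP-Tcp'   # key name as it appears in the registry
$ifRoot  = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'

function Get-RdpBinding {
    # Step 13: LanAdapter on the RDP-Tcp listener.
    $lanAdapter = (Get-ItemProperty -Path $rdpTcp -Name LanAdapter `
                   -ErrorAction SilentlyContinue).LanAdapter
    if ($null -eq $lanAdapter) { return 'LanAdapter value not found under RDP-Tcp' }
    # 0 is the default: listen on all adapters, as the introduction describes.
    if ($lanAdapter -eq 0) { return 'LanAdapter = 0: RDP is not limited to one interface' }

    # Steps 5-11: lanatable\<GUID>\LanaId.
    if (-not (Test-Path $lanaKey)) {
        return "LanAdapter = $lanAdapter, but the lanatable key is missing"
    }
    foreach ($k in Get-ChildItem -Path $lanaKey) {
        $guid   = $k.PSChildName
        $lanaId = (Get-ItemProperty -Path $k.PSPath -Name LanaId `
                   -ErrorAction SilentlyContinue).LanaId
        if ($lanaId -ne $lanAdapter) { continue }

        # Step 8: the key name must be the bare GUID of a TCP/IP interface.
        $ifKey = Join-Path $ifRoot $guid
        if (-not (Test-Path $ifKey)) {
            return "LanaId $lanaId is on '$guid', which is not a key under Tcpip\Parameters\Interfaces"
        }
        # Resolve the GUID to its address (DHCP lease or static configuration).
        $p  = Get-ItemProperty -Path $ifKey
        $ip = if ($p.EnableDHCP -eq 1) { $p.DhcpIPAddress } else { $p.IPAddress }
        return "RDP limited to interface $guid ($($ip -join ', '))"
    }
    return "LanAdapter = $lanAdapter matches no LanaId under lanatable"
}

Get-RdpBinding
```

Run it after the restart in step 15; a message other than "RDP limited to interface ..." points at the step to recheck.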

Properties

Article ID: 924927 - Last Review: October 6, 2006 - Revision: 1.4
APPLIES TO
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Media Center Edition
  • Microsoft Windows XP Tablet PC Edition