Does anyone know a way to limit the number of connections per IP address to a server?
Trying to stop a single device flooding our rdp gateway.
WatchGuard M4600 (x2 Cluster)
WatchGuard M640 (x2 Cluster)
Firmware : 12.8
Not from an IP addr.
The options are only to limit max connections per second from all IP addrs.
Is your RDP gateway open to the Internet ?
If so, we do not recommend that at all.
Have your users connect using VPN or via the authentication applet, and then allow RDP from those users.
We use vpn for most things, but we have to provide RDP access for unmanaged devices which means using M$ RDGateway (ex TSGateway) over 443.
You can set these options:
Per Server Quota
The Per Server Quota applies a limit to the number of connections per second from any external source to the Firebox external interface. This includes connections to internal servers allowed by a static NAT policy. The Per Server Quota is based on the number of connection requests to any one destination IP address, regardless of the source IP address. After the threshold is reached, the Firebox drops incoming connection requests from any host.
For example, when the Per Server Quota is set to the default value of 100, the Firebox drops the 101st connection request received in a one second time frame from any external IP address. The source IP address is not added to the blocked sites list.
Thanks Mark. We have a pool of 45 PC's load-balanced through the RDgateway and what we are trying to stop is one student logging onto multiple pc's and hogging resources. So connections per second will be really low and i dont think it will achieve what we are trying to.
I would simply block that student from all RDP access for a week. That will fix them.