Firewall blocks rdp

NethServer Version: 7.7.1908
Module: firewall

I have a problem. I can’t connect from the internal network to other computers that are on the Internet (outside) via RDP. Where can I disable this prohibition in the firewall?

Did you search the logs?

Hi

Normally all outgoing connections are allowed…

Is your NethServer directly connected to the Internet, or is another Firewall in between?

My 2 cents
Andy

NS is connected to the Internet directly.
An RDP connection is only possible while the firewall rules are being saved (nethserver-openvpn-save (S95trusted-networks-modify) 75%) and then it disconnects.

Tell me in which log you need to look for a problem? (/var/log/firewall.log)? I could not find anything there.
P.S.
Can another service block outgoing RDP?

@pike

Any tips here?
I don’t use NethServer as a firewall so I’m a bit out of my depth here…

Can only provide general Firewall knowledge, not specific to NethServer.
Seems to me an issue with OpenVPN: when that specific config is being updated, the rules (or OpenVPN) are temporarily not active, and during this short time RDP seems to work.

It could also have to do with Routing for OpenVPN.

My 2 cents
Thx
Andy

ISP, IDS/IPS, proxy, content filtering.
Anyway… Feel free to create a rule from any to red for allowing traffic to port 3389 TCP and UDP.

2 Likes

I made a rule in the firewall
Applications - Firewall - Rules
Is it right?

Summary

It's the same as what I'll write down. Please update with any kind of result.

No. This rule does not work. There is no RDP access.

Did you enable any of these services on your setup?

I disabled IPS and VPN, but that didn’t help either.

Can you connect directly to your CPE (device provided by ISP) and try to connect to public RDP?

Sorry. I do not understand your message.

I would try to bypass NethServer with a computer to verify whether your ISP allows you to connect to RDP.
So I'd try to connect the PC directly to the router you're using for a brief test…

At the time of applying the firewall rules, I can connect via rdp. But as soon as the update of the firewall rules is completed, I can no longer connect via rdp. Therefore, the provider does not block RDP. My router is NS.

So… scrub the logs. Maybe you’ll find which service/setting is blocking RDP traffic. Even into your firewall rules (don’t forget that they are applied in order: if your rule is after another one which contradicts, the first one will match and the subsequent won’t be elaborated).
By default NethServer does not block any outgoing traffic.

This problem appeared after installing the VPN module on March 20. Before that there were no problems with RDP.

Quite strange… Summoning @giacomo, hoping that he can look for something.

@Valeriy most of Nethesis people are in Italy like me (I have no relations with the project or the company), it’s quite a tough period, so the answers won’t be “fast”.

Don’t forget to fully update your installation.

1 Like

That’s the right place.
Also check if the IP has been blocked by fail2ban (/var/log/fail2ban.log), if installed.

I don’t think it’s related, but please post the list of packages updated March 20 (/var/log/yum.log).

3 Likes
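The log checks suggested in this thread, as an added example that is not part of any post: a shell script that summarises logged packets to port 3389 in a firewall log and checks a fail2ban log for an active ban. It assumes Shorewall's default log prefix and fail2ban's default `Ban`/`Unban` lines; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes Shorewall's default log prefix
# "Shorewall:<chain>:<action>:" and fail2ban's "[jail] Ban <ip>" log lines.

# rdp_log_summary FILE [PORT]: count logged packets to PORT (default 3389)
# per chain, action, protocol and destination. FILE may be "-" for stdin.
rdp_log_summary() {
    awk -v port="${2:-3389}" '
    {
        chain = action = proto = dst = dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^Shorewall:/) { split($i, p, ":"); chain = p[2]; action = p[3] }
            else if ($i ~ /^DST=/)   dst   = substr($i, 5)
            else if ($i ~ /^PROTO=/) proto = substr($i, 7)
            else if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        if (chain != "" && dpt == port) seen[chain " " action " " proto " " dst]++
    }
    END { for (k in seen) print seen[k], k }' "$1" | sort -k1,1nr -k2
}

# banned_now FILE IP: succeeds if the last Ban/Unban event for IP is a Ban.
banned_now() {
    awk -v ip="$2" '
    NF >= 2 && $NF == ip && $(NF-1) ~ /^(Ban|Unban)$/ { last = $(NF-1) }
    END { exit (last == "Ban" ? 0 : 1) }' "$1"
}

# Constructed sample lines (documentation addresses), not taken from the thread.
sample_firewall_log() {
    cat <<'EOF'
Mar 25 10:01:02 gw kernel: Shorewall:loc2net:DROP:IN=br0 OUT=eth1 SRC=192.168.1.20 DST=203.0.113.10 LEN=52 PROTO=TCP SPT=50123 DPT=3389
Mar 25 10:01:05 gw kernel: Shorewall:loc2net:DROP:IN=br0 OUT=eth1 SRC=192.168.1.20 DST=203.0.113.10 LEN=52 PROTO=TCP SPT=50124 DPT=3389
Mar 25 10:01:09 gw kernel: Shorewall:net2fw:DROP:IN=eth1 OUT= SRC=198.51.100.7 DST=192.0.2.1 LEN=40 PROTO=TCP SPT=4444 DPT=23
EOF
}
sample_fail2ban_log() {
    cat <<'EOF'
2020-03-25 09:00:00,100 fail2ban.actions [811]: NOTICE [sshd] Ban 203.0.113.10
2020-03-25 09:10:00,100 fail2ban.actions [811]: NOTICE [sshd] Unban 203.0.113.10
2020-03-25 09:20:00,100 fail2ban.actions [811]: NOTICE [sshd] Ban 198.51.100.7
EOF
}

sample_firewall_log | rdp_log_summary -
# On the server: rdp_log_summary /var/log/firewall.log
```

The chain name in each output row (here the constructed `loc2net`) shows which zone pair logged the packet, which narrows down the rule or policy to inspect.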

TY Giacomo

1 Like