If RDP must be enabled without a VPN follow these instructions.
1) Configuration > Access Rules > Create this the first time only.
- Interface: Outside or ISP
- Source: Use a Network object Group (step 4) not an IP here. The value must never be set to ANY.
- Service: tcp/3389 (do not create a rule for the mapped port)
2) Configuration > NAT Rules
3.1) Provide the following:
- Name: Unique name With RDP_
- IP Address: Add the Office PC Internal IP
- Set statically or assigned via DHCP
- Add this to CRM > Contact
- Translated Addr: Interface that user is connecting to
3.2) Click Advanced
- Real Port:3389
- Mapped Port: can be anything below ~65,000
4) On the left under addresses find the group to add the user to with a name and Source IP (aboutmyip.com). This group must be in the source list from step 1
5) Create an RDP connection file in T:\RDP\Client that includes:
- Computer: Router IP: Mapped port from step 3.2
- domain\username
