How to enable only two MACs with an IP

Hi guys, sorry if this kind of question was asked in here; I searched but couldn’t find an answer.
I just got dizzy from all these different posts.

What I would like to do is

to allow only two MAC addresses (both my laptop, one Wi-Fi, one LAN) to communicate with my server from any IP
through RDP (svchost) on port 3389, obviously, and anything else to get blocked.

Either way I set it, it doesn’t work.

How do I stealth all the ports? When I run the stealth wizard and choose the middle option I still see 3389 as open.
Thanks in advance.

You need two rules for RDP connections, one Global and one for svchost:

Action - Allow
Protocol - TCP
Direction - IN
Source Address - Add the IP/MAC addresses of the PCs you’re connecting from here
Destination Address - ANY or better, use the MAC address of the server
Source Port - ANY
Destination Port - 3389

And your complementary Application rule:

Application name: Svchost.exe
Action - Allow
Protocol - TCP
Direction - IN
Source Address - Add the IP/MAC addresses of the PCs you’re connecting from here
Destination Address - ANY or better, use the MAC address of the server
Source Port - ANY
Destination Port - 3389

Add an additional Global rule that blocks IP in for ANY.

Action - Block and Log
Protocol - IP
Direction - IN
Source Address - ANY
Destination Address - ANY
IP Details - ANY

Hi, thanks for the answer.

Unfortunately it doesn’t work :confused:
Whenever I add this global rule to block any IP I can’t connect at all;
once I remove it, all is OK.

About those two rules from the beginning of your post:
even if I set it to allow only certain MAC addresses,
I’m still asked by the firewall if it should allow the connection from my IP number to the server,
almost like it would ignore that rule about MAC address filtering.
Any idea what it could be?

Also, just in case, I uninstalled the firewall and installed it again just to make sure
that none of the previous settings is affecting that connection.
Regards

Can you post a screen shot of the rules you’ve created, as the rules I posted do work.

There you go.
Regards

[attachment deleted by admin]

Change the source PC address from MAC to IP, otherwise, unless both machines are on the same subnet, the MAC address will be that of the last router the packet passed through, not that of the originating PC.
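
The point in the reply above, as an added example that is not part of the original thread: a simplified first-match model of the Global rules posted earlier (not Comodo's actual rule engine), showing why a source-MAC allow rule matches on the same subnet but stops matching once the packet has crossed a router. All addresses are constructed sample values.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Frame:
    src_mac: str   # layer 2: rewritten at every routed hop
    src_ip: str    # layer 3: carried end to end in this model
    proto: str
    dst_port: int

# Constructed sample addresses (not taken from the thread).
LAPTOP_MAC = "02:00:00:00:00:aa"
ROUTER_MAC = "02:00:00:00:00:01"   # LAN interface of the server's gateway

def route(frame, router_mac):
    """A router forwards the IP packet inside a new layer-2 frame whose
    source MAC is the router's own interface; the IP header is kept."""
    return replace(frame, src_mac=router_mac)

def make_rules(allowed_macs=(), allowed_ips=()):
    """Model of the thread's Global rules, first match wins:
    1. allow TCP in to 3389 from listed sources, 2. block and log all IP in."""
    def allow_rdp(f):
        return (f.proto == "TCP" and f.dst_port == 3389 and
                (f.src_mac in allowed_macs or f.src_ip in allowed_ips))
    return [("allow", allow_rdp), ("block+log", lambda f: True)]

def evaluate(rules, frame):
    """Return the action of the first rule that matches the frame."""
    for action, matches in rules:
        if matches(frame):
            return action
    return "no match"

def demo():
    mac_rules = make_rules(allowed_macs={LAPTOP_MAC})
    ip_rules = make_rules(allowed_ips={"203.0.113.7"})
    local = Frame(LAPTOP_MAC, "192.168.1.20", "TCP", 3389)
    remote = route(Frame(LAPTOP_MAC, "203.0.113.7", "TCP", 3389), ROUTER_MAC)
    return {
        "same subnet, MAC rule": evaluate(mac_rules, local),
        "via router, MAC rule": evaluate(mac_rules, remote),
        "via router, IP rule": evaluate(ip_rules, remote),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```
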

The problem is I connect from various places that usually have dynamic IPs, so it’s not going to work :confused: I need MAC filtering. Are the rules set the right way? Maybe there is another way to bypass that?

You could use a VPN such as Hamachi and possibly Comodo Unite which I believe is quite similar.

:confused: I was hoping that there could be a way of setting that without a VPN, to keep things as simple as possible. Does Unite offer drive mapping over the internet (not intranet) with SSL? Or does it have strong enough encryption?

I’m afraid I have no idea as I’ve never used the product, but I’m sure someone else will be able to help; perhaps you should ask in the appropriate forum.

Yep, thanks for your help man, appreciate that :slight_smile: