The first method:
1, open the firewall with Windows from
2. Open allow exceptions, select Remote Desktop-> edit, select Remote Desktop Services-> change range, select a custom list, fill in the Allowed access IP.
The second method:
1. CMD run gpedit.msc open Group Policy console
2. Expand the Computer Configuration-> Management Template-> Network-> network connection->windows firewall-> domain configuration file find allow Remote Desktop exception, select Allow, and then fill in the appropriate IP list.
Also expand Computer Configuration-> Administrative Templates-> Network-> network connection->windows firewall-> Standard profile
3. Cmd runs the Gpupdate/force, if not effective again runs Gpupdate/target:computer.
Note: Do not enable the firewall Advanced-> Network connection setting-> the Remote Desktop option in the appropriate network connection-> settings, otherwise the above setting will be invalid.
The third method:
DOS command restricts landing IP for Remote Desktop
Add a remote IP limit with a port number of 8081
netsh firewall add portopening all 8081 DNS ENABLE CUSTOM 157.60.0.1,172.16.0.0/16,10.0.0.0/255.0.0.0
Set up an accessible remote IP for port number 8081
netsh firewall set portopening all 8081 Remote Desktop ENABLE CUSTOM 157.61.0.1,172.17.0.0/255.255.255.0
Remove a remote limit of 8081 for a port number
netsh firewall delete portopening TCP 8081