Protect your Lenovo Server

Restricting Windows Server Access to India IP Addresses Only (Geo-IP Blocking)

Unauthorized access attempts on Windows Servers—especially via Remote Desktop Protocol (RDP)—are a common security risk. Servers exposed to the public internet are continuously scanned and attacked from global IP ranges. Restricting server access to India-based IP addresses only is an effective hardening measure to significantly reduce attack surface.

This Knowledge Base article explains how to restrict Windows Server access to Indian IPs and block all other countries, with practical implementation methods, technical considerations, and best practices.

This guide applies to Windows Server 2016 / 2019 / 2022 environments.


Technical Overview

What is Geo-IP Restriction?

Geo-IP restriction is a security control that allows or blocks network traffic based on the geographical location of the source IP address. IP addresses are allocated regionally by Internet registries (e.g., APNIC for Asia-Pacific).

By allowing only India (IN) IP ranges and blocking all others, the server becomes inaccessible to foreign networks, preventing:

  • RDP brute-force attacks

  • Credential stuffing

  • Automated vulnerability scans

  • Botnet traffic

  • Unauthorized admin access


Common Use Cases

Geo-IP access restriction is recommended for:

  • Windows Servers with public/static IPs

  • RDP-enabled servers

  • Office or internal servers accessed only from India

  • Accounting, ERP, or AMC management servers

  • Client servers requiring regulatory or security compliance

  • Servers previously exposed to suspicious activity


Implementation Options (Recommended Order)

Option 1: Firewall / Router-Level Geo Blocking (Best Practice)

If your server is behind a firewall or UTM device, apply geo-blocking at the network edge.

Supported devices include:

  • Sophos Firewall

  • FortiGate

  • SonicWall

  • MikroTik

  • Cisco ASA

  • Cloud firewalls (AWS, Azure, GCP)

Configuration logic:

  • Allow country: India (IN)

  • Block country: All others

  • Apply to: RDP (3389 or custom), SSH, Admin ports

Advantages

  • Strongest protection

  • No load on server

  • Harder to bypass

  • Centralized control


Option 2: Windows Defender Firewall (Server-Side)

If no hardware firewall is available, Windows Server Firewall can enforce IP-based restrictions.


Step-by-Step: Restrict RDP Access to India IPs Using Windows Firewall

Step 1: Obtain India IP Ranges

Use trusted sources:

  • APNIC

  • ipdeny.com (India zone list)

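Example IP ranges (sample only):

    103.0.0.0/8
    106.0.0.0/8
    110.0.0.0/8
    112.0.0.0/8
    113.0.0.0/8

⚠️ India has hundreds of IP ranges. Use the complete list for production. The /8 blocks above are broad APNIC regional allocations that also contain addresses assigned to other countries, so they only illustrate the CIDR format.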


Step 2: Create Allow Rule for India IPs

  1. Open Windows Defender Firewall with Advanced Security

  2. Go to Inbound Rules

  3. Click New Rule

  4. Select Port

  5. Protocol: TCP

  6. Port: 3389 (or your custom RDP port)

  7. Action: Allow the connection

  8. Profile: Domain / Private / Public (as applicable)

  9. Name:

    ALLOW RDP – INDIA IPs

Configure Scope

  • Open rule properties

  • Go to Scope

  • Under Remote IP address, select:

    • “These IP addresses”

    • Add all India IP ranges


Step 3: Create Block Rule for All Other IPs

  1. New Rule → Port → TCP

  2. Port: 3389

  3. Action: Block the connection

  4. Profiles: All

  5. Name:

    BLOCK RDP – NON INDIA

Ensure the Allow India rule is above the Block rule in the rule order.


Optional Enhancements (Strongly Recommended)

Change Default RDP Port

Default port 3389 is globally scanned.

Example custom port:

49225

Update:

  • Registry

  • Firewall rules

  • Router/firewall NAT (if applicable)


Enable Network Level Authentication (NLA)

Path:

System Properties → Remote → Advanced

Enable:

  • “Allow connections only from computers running Remote Desktop with NLA”


Restrict Administrator RDP Access

  • Create a new admin user

  • Disable RDP login for built-in Administrator

  • Use role-based admin accounts


VPN-Only Admin Access (Best Security)

  • Disable public RDP

  • Require VPN login first

  • Allow VPN access only from India IPs


Commands (Optional – PowerShell Example)

Example only (single IP range)

    New-NetFirewallRule `
        -DisplayName "ALLOW RDP INDIA" `
        -Direction Inbound `
        -Protocol TCP `
        -LocalPort 3389 `
        -RemoteAddress 103.0.0.0/8 `
        -Action Allow
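The single-range command above, extended to a complete zone list, as an added example that is not part of the original article. It assumes a locally saved India zone file (C:\fw\in.zone, one IPv4 CIDR per line); the rule-name prefix and chunk size are illustrative choices, and it is meant to be run from console / iLO / KVM access rather than over the RDP session it affects.

```powershell
# Added example, not from the original article. Assumed names: the zone file path,
# the rule-name prefix and the 500-ranges-per-rule chunk size are illustrative.
#Requires -RunAsAdministrator
param(
    [string]$ZoneFile  = 'C:\fw\in.zone',   # one IPv4 CIDR per line, saved locally
    [int]   $RdpPort   = 3389,
    [int]   $ChunkSize = 500,
    [string]$Prefix    = 'ALLOW RDP INDIA'
)

# Keep only well-formed IPv4 CIDR lines; blanks, comments and junk are dropped.
$cidrs = @(Get-Content -Path $ZoneFile | ForEach-Object { $_.Trim() } | Where-Object {
    if ($_ -notmatch '^(\d{1,3}(?:\.\d{1,3}){3})/(\d{1,2})$') { return $false }
    $ip = $null
    [System.Net.IPAddress]::TryParse($Matches[1], [ref]$ip) -and ([int]$Matches[2] -le 32)
} | Sort-Object -Unique)
if ($cidrs.Count -eq 0) { throw "No valid CIDR ranges found in $ZoneFile" }

# Create the new allow rules first, split into chunks so no single rule carries
# the whole list; allow rules are additive, so the chunks behave as one list.
$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
for ($i = 0; $i -lt $cidrs.Count; $i += $ChunkSize) {
    $last = [Math]::Min($i + $ChunkSize, $cidrs.Count) - 1
    $name = '{0} {1} part {2}' -f $Prefix, $stamp, ($i / $ChunkSize + 1)
    New-NetFirewallRule -DisplayName $name -Group $Prefix -Direction Inbound `
        -Protocol TCP -LocalPort $RdpPort -RemoteAddress $cidrs[$i..$last] `
        -Action Allow -Profile Any | Out-Null
}

# Only once the new rules exist, remove rules left by earlier runs of this script.
Get-NetFirewallRule -Group $Prefix | Where-Object DisplayName -NotLike "$Prefix $stamp *" |
    Remove-NetFirewallRule

# No block rule is created: Windows Defender Firewall applies a matching block rule
# ahead of any allow rule, so it would also cut off the allowed ranges. Other sources
# fall through to the default inbound block once the built-in any-source RDP allow
# rules are disabled (display group name as on an English-language install).
Disable-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultInboundAction
```

The final line prints each profile's default inbound action; it must read Block for the allow-only design to restrict anything.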


Common Issues & Fixes

Issue: Locked out after rule creation

Fix:

  • Always test from India IP

  • Keep console / iLO / KVM access

  • Do not block before verifying allow rule
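A read-only check for verifying the allow rule before and after a change, as an added example that is not part of the original article. It reports the RDP listener port and NLA setting from the standard Terminal Server registry locations and lists every enabled inbound allow rule covering that port, flagging any that is still open to all source addresses.

```powershell
# Added example, not from the original article: read-only audit, changes nothing.
# Registry paths are the standard Terminal Server locations; rules that specify
# port ranges (e.g. 3000-4000) are not expanded and will not be listed.
$ts   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$tcp  = Get-ItemProperty -Path "$ts\WinStations\RDP-Tcp"
$port = [int]$tcp.PortNumber

[pscustomobject]@{
    RdpEnabled  = (Get-ItemProperty -Path $ts).fDenyTSConnections -eq 0
    RdpPort     = $port
    NlaRequired = $tcp.UserAuthentication -eq 1
} | Format-List

# Enabled inbound allow rules whose port filter covers the RDP listener port.
$rules = @(Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    ForEach-Object {
        $pf = $_ | Get-NetFirewallPortFilter
        if ($pf.Protocol -notin 'TCP', 'Any') { return }
        if (@($pf.LocalPort) -notcontains "$port" -and
            @($pf.LocalPort) -notcontains 'Any') { return }
        $remote = @(($_ | Get-NetFirewallAddressFilter).RemoteAddress)
        [pscustomobject]@{
            Rule       = $_.DisplayName
            Profile    = $_.Profile
            RangeCount = $remote.Count
            OpenToAll  = $remote -contains 'Any'
        }
    })
$rules | Format-Table -AutoSize

if ($rules.Count -eq 0) { Write-Warning "No enabled allow rule covers TCP $port." }
$rules | Where-Object OpenToAll | ForEach-Object {
    Write-Warning "'$($_.Rule)' allows TCP $port from any address; the geo restriction is not in effect."
}
```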


Issue: Dynamic ISP IP changes

Fix:

  • Use VPN

  • Regularly update IP ranges

  • Use firewall with auto geo updates


Issue: India IP list too large

Fix:

  • Use firewall/router geo blocking instead of Windows Firewall


Security Considerations

  • Geo-IP restriction reduces risk but is not absolute

  • VPNs with Indian exit nodes can bypass basic geo rules

  • Always combine with:

    • Strong passwords

    • Account lockout policy

    • Event log monitoring

    • Defender / EDR protection


Best Practices Checklist

  • ✔ Remove unused admin tools

  • ✔ Change default RDP port

  • ✔ Restrict admin logins

  • ✔ Enable firewall logging

  • ✔ Monitor Event ID 4625 (failed logins)

  • ✔ Keep Windows updated

  • ✔ Use VPN for admins

  • ✔ Backup before firewall changes


Conclusion

Restricting Windows Server access to India IP addresses only is a highly effective security hardening measure. When implemented correctly—preferably at the firewall level—it significantly reduces exposure to global attacks while maintaining legitimate access.

For production servers, geo-blocking should always be combined with VPN access, strong authentication, and continuous monitoring.

