I am curious whether I can secure both MS network file sharing and Remote Desktop access services in such a way as to allow all connections from the home network and block any connections from the public network except connections from known devices. These devices could connect from various IPs that are not predictable.
Is there an option to recognize and whitelist them? I see a choice on the firewall to identify connections by MAC address; unfortunately, it seems that connections from the outer network come without a MAC ID.
Leaving the ports open for all IPs offers itself as a possible solution, but I'm really not sure how much security risk this introduces. Does it?
From the firewall log I see many attempts from unknown addresses to connect to the SMB ports.