diff --git a/conf/default_ports.conf b/conf/default_ports.conf
index 61bdb85..c45dcb8 100644
--- a/conf/default_ports.conf
+++ b/conf/default_ports.conf
@@ -25,6 +25,7 @@ standard_ntp_port=123
 standard_pgp_keyserver_port=11371
 standard_print_port=9100
 standard_print_raw_port=515
+standard_rdp_port=3389
 standard_remote_console_port=5900
 standard_silc_port=706
 standard_smtp_port=25
diff --git a/conf/main_ipv4.conf.sample b/conf/main_ipv4.conf.sample
index e381cba..f5dfaf7 100644
--- a/conf/main_ipv4.conf.sample
+++ b/conf/main_ipv4.conf.sample
@@ -1297,6 +1297,21 @@ declare -A rm_server_dmz_arr
 remote_console_port=5900
 
 
+# ======
+# - Remote Desktop Dienste
+# ======
+
+# - RDS Server local Networks
+# -
+# - Blank separated list
+# -
+rds_server_ips=""
+
+# Listen RDP Port
+#
+rds_server_tcp_port="$standard_rdp_port"
+
+
 # ======
 # - Ubiquiti Unifi
 # ======
diff --git a/conf/main_ipv6.conf.sample b/conf/main_ipv6.conf.sample
index a178e17..63b0dff 100644
--- a/conf/main_ipv6.conf.sample
+++ b/conf/main_ipv6.conf.sample
@@ -1269,6 +1269,21 @@ declare -A rm_server_dmz_arr
 remote_console_port=5900
 
 
+# ======
+# - Remote Desktop Dienste
+# ======
+
+# - RDS Server local Networks
+# -
+# - Blank separated list
+# -
+rds_server_ips=""
+
+# Listen RDP Port
+#
+rds_server_tcp_port="$standard_rdp_port"
+
+
 # ======
 # - Ubiquiti Unifi
 # ======
diff --git a/conf/post_decalrations.conf b/conf/post_decalrations.conf
index 52b62ec..7641bdd 100644
--- a/conf/post_decalrations.conf
+++ b/conf/post_decalrations.conf
@@ -535,6 +535,16 @@ for _ip in $rm_server_ips ; do
 rm_server_ip_arr+=("$_ip")
 done
 
+
+# ---
+# - IP Addresses RDS Service
+# ---
+declare -a rds_server_ip_arr=()
+for _ip in $rds_server_ips ; do
+ rds_server_ip_arr+=("$_ip")
+done
+
+
 # ---
 # - IP Addresses Rsync Out
 # ---
diff --git a/ipt-firewall-gateway b/ipt-firewall-gateway
index 3521efc..37eae90 100755
--- a/ipt-firewall-gateway
+++ b/ipt-firewall-gateway
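Review bot: The new `rds_server_ip_arr` loop in conf/post_decalrations.conf consumes `rds_server_ips`, and the gateway rules later consume `rds_server_tcp_port`, but neither variable gets a fallback here; both are introduced only in the two main_ip*.conf.sample files, so an installation whose real main conf predates this commit runs with them unset. With `rds_server_ips` empty the array stays empty and the RDS block is skipped, but as soon as an admin adds `rds_server_ips` to an older conf without the new port line, the iptables calls are built with `--dport` followed by no argument and fail. A defensive default next to the array, `rds_server_tcp_port="${rds_server_tcp_port:-$standard_rdp_port}"`, keeps sample and existing configs consistent; I cannot see from this hunk whether post_decalrations.conf already does this for the other `*_port` variables. In the main_ipv4/main_ipv6 sample hunks the heading calls the list `RDS Server local Networks` while the loop passes each entry as one `-d`/`-s` argument; `# - Blank separated list of RDS server IP addresses` would match the variable name and the array comment `IP Addresses RDS Service`.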
@@ -4705,6 +4705,36 @@ else
 fi
 
 
+# ---
+# - Remote Desktop Dienste (RDS)
+# ---
+
+echononl "\t\tRemote Desktop Dienste (RDS)"
+
+
+if [[ ${#rds_server_ip_arr[@]} -gt 0 ]]; then
+ for _ip in ${rds_server_ip_arr[@]} ; do
+
+ $ipt -A OUTPUT -p tcp -d $_ip --dport $rds_server_tcp_port -m conntrack --ctstate NEW -j ACCEPT
+
+ if $kernel_activate_forwarding && ! $permit_between_local_networks ; then
+ $ipt -A FORWARD -p tcp -d $_ip --dport $rds_server_tcp_port -m conntrack --ctstate NEW -j ACCEPT
+
+ # - Rule is needed if (local) interface aliases in use (like eth0:1)
+ # -
+ if $local_alias_interfaces ; then
+ $ipt -A FORWARD -p tcp -d $_ip --dport $rds_server_tcp_port --tcp-flag ACK ACK -j ACCEPT
+ $ipt -A FORWARD -p tcp -s $_ip --sport $rds_server_tcp_port --tcp-flag ACK ACK -j ACCEPT
+ fi
+ fi
+ done
+
+ echo_done
+else
+ echo_skipped
+fi
+
+
 # ---
 # - Munin Service Gateway
 # ---
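Review bot: The FORWARD rule `$ipt -A FORWARD -p tcp -d $_ip --dport $rds_server_tcp_port -m conntrack --ctstate NEW -j ACCEPT` accepts new RDP connections to every RDS server from any source address on any inbound interface, so unless an earlier FORWARD rule already drops traffic arriving on the external interface (not visible in this hunk), servers the sample config describes as "local" become reachable from everything the gateway forwards, including DNATed traffic from outside. Since the block is only entered when `! $permit_between_local_networks`, its intent appears to be inter-LAN access; adding `-i <internal interface>` or `-s <local network>` (placeholders — reuse whatever the neighbouring local-service rules use) expresses that, while the OUTPUT rule above needs no such limit because it only covers the gateway host itself. The two `--tcp-flag ACK ACK` rules under `$local_alias_interfaces` carry the same unrestricted source and additionally bypass conntrack; they mirror a pattern used elsewhere in the script, so they inherit rather than add the exposure, but they should take the same interface/source constraint. As a style point, quote the expansions, `for _ip in "${rds_server_ip_arr[@]}" ; do` and `-d "$_ip" --dport "$rds_server_tcp_port"`, so that an empty port variable or a stray glob character fails loudly instead of silently producing a different rule.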