DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Blocking persistent offenders

04 Jul 2017 09:24 #1 by bisonframes
Blocking persistent offenders was created by bisonframes
In the past there was a port forward set up for RDP on my router. A hole that is now plugged with firewall rules and targeted IPs until I get budget for a VPN.
No lectures please - Believe me I know!!
Unfortunately the scum saw it and I have thousands of instances of brute force hacks hitting the firewall every day.

Can I enhance the block filters now with a rule that will collect and block IPs entirely after so many attempts on a port?

05 Jul 2017 12:17 #2 by admin3
Replied by admin3 on topic Re: Blocking persistent offenders
It's not possible to do this currently - you would need to do this on the server itself. The reason being: how would the router know whether a session is successful or unsuccessful? It would need to be aware of the protocol and it's possible that the success/failure messages are encrypted.

Try using Port Redirection to open RDP on another external, randomly numbered port rather than 3389; I've found that typically stops automated access attempts, though it isn't actually more secure.
It's more secure to use the router's VPN server to make a secure tunnel, where possible, then connect RDP through that.



Forum Administrator
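
What "doing this on the server itself" can look like, as an added example that is not part of the original thread or DrayTek's own tooling: a PowerShell script for the Windows host behind the port forward that counts failed-logon events (Security event ID 4625) per source IP and puts repeat offenders into a Windows Firewall block rule. The threshold, window, allow list and rule name are assumptions chosen for illustration.

```powershell
# Added example: block source IPs that exceed a failed-logon threshold.
# Assumes a Windows host with logon-failure auditing enabled, run elevated.
# Counts every 4625 event with a remote source address, not only RDP failures.
param(
    [int]$Threshold = 10,          # failed attempts before an IP is blocked (illustrative)
    [int]$WindowMinutes = 30,      # look-back window (illustrative)
    [int]$RdpPort = 3389,          # local port the RDP listener uses
    [string[]]$AllowList = @(),    # addresses that must never be blocked
    [switch]$Apply                 # without -Apply the script only reports
)

$since  = (Get-Date).AddMinutes(-$WindowMinutes)
$events = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625; StartTime = $since } `
    -ErrorAction SilentlyContinue

# Pull the source address out of each event; local failures log "-" and are skipped.
$sources = foreach ($e in $events) {
    $xml = [xml]$e.ToXml()
    $ip = ($xml.Event.EventData.Data | Where-Object { $_.Name -eq 'IpAddress' }).'#text'
    $parsed = $null
    if ($ip -and [System.Net.IPAddress]::TryParse($ip, [ref]$parsed) -and
        -not [System.Net.IPAddress]::IsLoopback($parsed) -and $AllowList -notcontains $ip) {
        $ip
    }
}

# One group per source address; keep those at or above the threshold.
$offenders = @($sources | Group-Object | Where-Object { $_.Count -ge $Threshold } |
    Sort-Object Count -Descending)
$offenders | Select-Object @{ n = 'SourceIp'; e = { $_.Name } }, Count | Format-Table -AutoSize

if ($Apply -and $offenders.Count -gt 0) {
    $ruleName = 'Block RDP brute force (example)'   # hypothetical rule name
    $ips  = @($offenders.Name)
    $rule = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue
    if ($rule) {
        # Merge with addresses blocked on earlier runs.
        $existing = @(($rule | Get-NetFirewallAddressFilter).RemoteAddress)
        $ips = @($existing + $ips | Where-Object { $_ -ne 'Any' } | Sort-Object -Unique)
        Set-NetFirewallRule -DisplayName $ruleName -RemoteAddress $ips
    } else {
        New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Action Block `
            -Protocol TCP -LocalPort $RdpPort -RemoteAddress $ips | Out-Null
    }
}
```

Run it without `-Apply` first to review the offender list, and put the addresses you connect from in `-AllowList` so a mistyped password cannot lock you out.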

05 Jul 2017 14:23 #3 by bisonframes
Replied by bisonframes on topic Re: Blocking persistent offenders
Hi admin3, thanks for the reply :-)

I've set up a filter to only allow through connections from a limited number of IP addresses, so the firewall is now fielding the attempts from the rest of the world.

I was using a port other than 3389, so I'll switch it again now and see if the pestering stops.

06 Jul 2017 09:39 #4 by bisonframes
Replied by bisonframes on topic Re: Blocking persistent offenders
Port changed. All quiet. Silence is golden! :-)

24 Jul 2017 22:21 #5 by silverstreak_2006
Replied by silverstreak_2006 on topic Re: Blocking persistent offenders
As Admin3 says really.

What router are you running? Have you got an old server knocking about that will put you behind the firewall via at least PPTP maybe?
