• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1069
  • Last Modified:

how could i block 1 ip address in windows server 2008 from visiting

block 1 ip address

what are ALL the different ways to do this
0
rgb192
Asked:
rgb192
1 Solution
 
BlackIce80Commented:
the simpliest would be windows firewall inbound rule.
but you could also use an ipsec rule.
or in iis the url rewrite module
0
 
rgb192Author Commented:
is there a way to do this without using windows firewall or ipsec
0
 
e2p2Commented:
The easiest and simplest way in W2K8 is to use the builtin Windows Firewall.  it is enabled by default and blocking one IP address is a strait forward process.

Go to the Windows Firewall, accessed through the Administrative Tools.  Click on Inbound Rules, then Right-Click on the Inbound Rules (both are required). Choose New rule.  Set Rule Type to Custom, click next.  Leave the next screen set to All Programs, click next.  Leave protocol type set to any, click next.  On the next screen leave the Local IP set to any.  Change the Remote IP to "These IP Addresses" then add the address you want to block, click next.  On the Action screen select block the connection, click next.  Click Next on the next screen.  Finally give the rule a name, click next.  You are finished.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
e2p2Commented:
You will need to Right-Click on the Inbound Rules and choose refresh to see the new rule.  If you decide later that you don't want the rule you can right-click on the rule and either disable it or delete it.
0
 
e2p2Commented:
Versions of Windows up to and including W2K3 had an option called TCP/IP filtering.  This allowed for a very basic IP address block.  This feature has been removed in W2K8.
0
 
rgb192Author Commented:
still dont understand

from the start menu
what program do i go to
just to block one ip address

firewall is off
ipsec is off
0
 
e2p2Commented:
Click on start run and enter WF.msc  .   This will Windows Firewall with advanced security.  To turn the firewall on, if you have turned it off, you will need to right click on This top of the list in the left hand panel "Windows Firewall with advanced security".  Choose properties.  Then change the firewall state to On, Inbound Connections to Block and Outbound Connections to Allow.  Click OK.  From this point you can follow the directions from above.
0
 
rgb192Author Commented:
>>The easiest and simplest way in W2K8 is to use the builtin Windows Firewall.  it is enabled by default and blocking one IP address is a strait forward process.

Go to the Windows Firewall, accessed through the Administrative Tools.  Click on Inbound Rules, then Right-Click on the Inbound Rules (both are required). Choose New rule.  Set Rule Type to Custom, click next.  Leave the next screen set to All Programs, click next.  Leave protocol type set to any, click next.  On the next screen leave the Local IP set to any.  Change the Remote IP to "These IP Addresses" then add the address you want to block, click next.  On the Action screen select block the connection, click next.  Click Next on the next screen.  Finally give the rule a name, click next.  You are finished.



saved the rule
now i cant find the rule
0
 
e2p2Commented:
The rules should be alphabetical.  You may need to refresh the view by right clicking on inbound and choosing refresh.
0
 
rgb192Author Commented:
how do i get to 'rules'  (the new rule)
how can i see if this rule has been applied
0
 
rgb192Author Commented:
i followed your advice in setting a new rule

now i cant find that new rule
and cant determine if that new rule has been applied
0
 
e2p2Commented:
Click on start run and enter WF.msc.  Click on Inbound Rules.  Then Right-Click on Inbound Rules and choose refresh.  Then scroll through the Inbound Rules in the center pane and look for the name of the rule you created.  If it is enabled it will have a Check mark in a green circle next to it.  If it is disabled it the circle with the check mark in it will be greyed out.  
0
 
e2p2Commented:
More info:

In Windows 7 and Windows Server 2008 R2, Windows Firewall with Advanced Security also logs events in the Event Viewer program, under Applications and Services Logs\Microsoft\Windows\Windows Firewall with Advanced Security. Information about both firewall and IPsec (connection security) events is presented here.

To get to the Event Viewer go to start/run and type eventvwr.msc.
0
 
rgb192Author Commented:
found rule
disabled with 'crossed red circle icon'

how to enable
0
 
e2p2Commented:
The crossed red circle stands for block, the checked circle stands for allow (Just for information).  If the Crossed Circle is RED that means that the Block rule is enabled, if it is greyed out that means that it is disabled.  Please reference the attached image.
The First rule is an allow rule that is enabled.
The Second is a block rule that is enabled.
The Third is a block rule that is disabled.
The Forth is an allow rule that is disabled.
firewall.jpg
0
 
rgb192Author Commented:
thanks
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now