My question centers around windows 2008 and the windows firewall. I have a server with 2 interfaces. Interface 1 is a public facing interface, interface 2 is a private only interface. My goal is to restrict the private only interface to have access to only a certain subnet, while leaving the public interface with unrestricted access ( it is behind a hardware firewall ) The issue I am running into is that when I create a drop all rule in the windows firewall that applies to the private interface it affects the public interface even though it is exclusively set to the private interface only. I have tried to apply this to the private interface directly and to the private IP address but it still will not work correctly. I noticed that IPSec may be a option, however I am not sure on the best way to configure it in this type of scenario. Does anyone have any ideas on how to get this implemented properly?