Can the Windows Firewall block access to all other servers on the local subnet except for a select few?

We have servers at a hosting company.  The subnet that the server is on has many servers belonging to others.  We want to block connections to all the servers except our servers.

One method to do this is to edit the scope entry of every allow rule to specify all the servers we want to allow access.  This would be laborious.  Does anyone have some automated way to update the scope of all allow rules?

Is there an easier way to block a subnet but allow exceptions for the servers you want to permit access?
Asked by Seitech2323
 
Seitech2323 (Author) Commented:
I found a way to do it.

Create a blocking rule that blocks all the servers I don't want. Using ranges makes this practical.  To allow the 192.168.50.33 server access and block others, just use two ranges: 192.168.50.1-192.168.50.32 and 192.168.50.34-192.168.50.255.  Assumes a 192.168.50.0/24 subnet.

Using netsh in a batch file let me distribute it among the servers.
0
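Added example, not part of the original thread: a Python generator for the batch file described in the answer above, which computes the block ranges from an allow list so the rule can be regenerated whenever a server is added. One block rule is enough because Windows Firewall applies explicit block rules ahead of allow rules. The rule name, function names and sample addresses are assumptions, and the script emits the rule for both directions, a choice made here rather than something the post specifies.

```python
import ipaddress

def blocked_ranges(subnet, allowed):
    """Ranges covering `subnet` minus `allowed`, in netsh remoteip syntax.

    As in the post, coverage starts one past the network address and runs
    through the last address of the subnet.
    """
    net = ipaddress.ip_network(subnet)
    keep = sorted({ipaddress.ip_address(a) for a in allowed})
    outside = [str(a) for a in keep if a not in net]
    if outside:
        raise ValueError(f"not in {net}: {', '.join(outside)}")

    def fmt(lo, hi):  # a one-address gap is written as a single address
        return str(lo) if lo == hi else f"{lo}-{hi}"

    ranges, start = [], net.network_address + 1
    for addr in keep:
        if addr > start:
            ranges.append(fmt(start, addr - 1))
        start = max(start, addr + 1)
    if start <= net.broadcast_address:
        ranges.append(fmt(start, net.broadcast_address))
    return ranges

def netsh_block_rule(name, subnet, allowed, direction="in"):
    """One 'netsh advfirewall firewall add rule' line blocking everything not allowed."""
    if '"' in name or direction not in ("in", "out"):
        raise ValueError("bad rule name or direction")
    ranges = blocked_ranges(subnet, allowed)
    if not ranges:
        raise ValueError("allow list covers the whole subnet; nothing to block")
    return (f'netsh advfirewall firewall add rule name="{name}" '
            f'dir={direction} action=block remoteip={",".join(ranges)}')

def batch_file(name, subnet, allowed):
    """Batch text that deletes the old rule and re-adds it for both directions."""
    return "\r\n".join([
        "@echo off",
        f'netsh advfirewall firewall delete rule name="{name}"',
        netsh_block_rule(name, subnet, allowed, "in"),
        netsh_block_rule(name, subnet, allowed, "out"),
    ]) + "\r\n"

if __name__ == "__main__":
    # Constructed sample: the subnet and allowed server from the post. Add any
    # on-subnet gateway or DNS address this host must reach directly.
    print(batch_file("Block subnet neighbours", "192.168.50.0/24", ["192.168.50.33"]))
```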
 
connectex Commented:
The netsh command will allow you to make firewall changes. Another option is to use group policy.

-Matt-
0
 
Seitech2323 (Author) Commented:
I would like to note that the real problem is the automation part.  I need to set the scope on all allow rules and change them each time a server is added.  What I need is a program that can get a list of all the allow rules and set the scope of each rule.

-or-

One rule that can deny all servers on the subnet except for a few selected ones.
0
 
Seitech2323 (Author) Commented:
Did exactly what I wanted.

Based on my own research
0
Question has a verified solution.
