• Status: Solved

Can the Windows Firewall block access to all other servers on the local subnet except for a select few?

We have servers at a hosting company.  The subnet that the server is on has many servers belonging to others.  We want to block connections to all the servers except our servers.

One method to do this is to edit the scope entry of every allow rule to specify all the servers we want to allow access.  This would be laborious.  Does anyone have some automated way to update the scope of all allow rules?

Is there an easier way to block a subnet but allow exceptions for the servers you want to permit access?
Asked by: Seitech2323

connectex Commented:
The netsh command will allow you to make firewall changes. Another option is to use group policy.

-Matt-
Seitech2323 (Author) Commented:
I would like to note that the real problem is the automation part.  I need to set the scope on all allow rules and change them each time a server is added.  What I need is a program that can get a list of all the allow rules and set the scope of each rule.

-or-

One rule that can deny all servers on the subnet except for a few selected ones.
Seitech2323 (Author) Commented:
I found a way to do it.

Create a blocking rule that blocks all the servers I don't want. Using ranges makes this practical.  To allow the 192.168.50.33 server access and block others, just use two ranges: 192.168.50.1-192.168.50.32 and 192.168.50.34-192.168.50.255.  Assumes a 192.168.50.0/24 subnet.

Using netsh in a batch file let me distribute it among the servers.
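
The range approach from the post above, generalized to any number of permitted servers, as an added example that is not part of the original thread. The rule name and `dir=in` are assumptions; the addresses are the ones used in the post.

```powershell
# Added example: compute the "everything except our servers" ranges for one block rule.
$First    = '192.168.50.1'       # first address the block rule should cover (from the post)
$Last     = '192.168.50.255'     # last address the block rule should cover (from the post)
$Allowed  = @('192.168.50.33')   # servers to leave reachable; extend as servers are added
$RuleName = 'Block other subnet hosts'   # hypothetical rule name

function ConvertTo-UInt32([string]$Ip) {
    $b = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    [Array]::Reverse($b)                      # network byte order -> little-endian
    [BitConverter]::ToUInt32($b, 0)
}

function ConvertTo-Ip([uint32]$N) {
    $b = [BitConverter]::GetBytes($N)
    [Array]::Reverse($b)
    $b -join '.'
}

function Format-Range([uint32]$From, [uint32]$To) {
    # A one-address gap is written as a single address rather than "x-x".
    if ($From -eq $To) { ConvertTo-Ip $From } else { "$(ConvertTo-Ip $From)-$(ConvertTo-Ip $To)" }
}

function Get-BlockRanges([string]$First, [string]$Last, [string[]]$Allowed) {
    $lo  = ConvertTo-UInt32 $First
    $end = ConvertTo-UInt32 $Last
    $ranges = @()
    # Walk the allowed addresses in ascending order and emit the gap before each one.
    foreach ($a in ($Allowed | ForEach-Object { ConvertTo-UInt32 $_ } | Sort-Object -Unique)) {
        if ($a -lt $lo -or $a -gt $end) { continue }    # not inside the covered span
        if ($a -gt $lo) { $ranges += Format-Range $lo ($a - 1) }
        $lo = $a + 1
    }
    if ($lo -le $end) { $ranges += Format-Range $lo $end }
    $ranges -join ','
}

$remote = Get-BlockRanges $First $Last $Allowed
if (-not $remote) { throw 'Every address in the span is allowed; nothing to block.' }

# Print the commands for review, then place them in the batch file sent to each server.
# Deleting first lets the same batch file be re-run after the allow list changes.
"netsh advfirewall firewall delete rule name=`"$RuleName`""
"netsh advfirewall firewall add rule name=`"$RuleName`" dir=in action=block remoteip=$remote"
```

Windows Firewall evaluates block rules ahead of allow rules, which is why a single block rule works without editing the scope of each existing allow rule. Use `dir=out` in a second rule if outbound connections to the other hosts should be blocked as well.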
Seitech2323 (Author) Commented:
Did exactly what I wanted.

Based on my own research