Restricting wireless adapter to only connect to office wireless

I've got a surface RT tablet that I do not want my end users hitting any wireless unless it's MY wireless here at work.  It's not the Surface Pro, so I cannot join it to the domain and use GPO to restrict connections.  How would I do it locally?  Inside the windows firewall?  In local security policy?
Who is Participating?
btanConnect With a Mentor Exec ConsultantCommented:
May want to consider use of netsh to create profile to specific ssid and interface no. Also add filter...

Maybe something like ...

netsh wlan add filter permission=denyall networktype=infrastructure
netsh wlan set blockednetworks display=hide
netsh wlan add filter permission=allow ssid=My_SSID networktype=infrastructure
netsh wlan add filter permission=allow ssid=My_SSID_G networktype=infrastructure
Supposedly all other nearby wireless networks are blocked and hidden while still able to connect to allowed networks, the only ones listed in the available networks list
melissasfarrisAuthor Commented:
Thank you Breadtan, that looks to be working!  Except, that I put line 3 in first, then line 1 and 2.

Now, because I need to know this, how would I UNDO this restriction?  Btw, thank you for the exact syntax with no typos!!!
btanExec ConsultantCommented:
Can try deleting the filter

netsh wlan delete filter permission={allow|block|denyall} ssid=NETWORKNAME networktype={infrastructure|adhoc}

Then check filter by

netsh wlan show filters
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

melissasfarrisAuthor Commented:
I will test that tomorrow!
melissasfarrisAuthor Commented:
By the way, I meant to mention in my earlier comments that in order to do ALLLL of this, when I ran the command prompt, I had to "run as administrator".  Even logged on as admin, it doesn't work unless you do this.

Ok, so to ultimately delete the filter and the networks I'd added to the allow list, this is what finally worked:

netsh wlan delete filter permission=denyall networktype=infrastructure
netsh wlan delete filter permission=allow ssid=My_SSID networktype=infrastructure
netsh wlan delete filter permission=allow ssid=My_SSID_G networktype=infrastructure

Then I used the:

netsh wlan show filters

And I see that these commands have put me back to normal.  I can see all wireless.

So now I can get this exactly how I need it, and I thank you!  Resolved!
btanExec ConsultantCommented:
Thanks for sharing!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.