Adding entries into the Windows Server 2012 R2 firewall.

ATT access my lan techs want me to add IP addresses and URLs to my Windows 2012 R2 server.

Suggestions on the correct way to add them? I've added ports, etc., but this is the first time to add URLs and IPs.

Ex. xxxxx.accessmylan.com IP 10.xxx.xxx.xxx
UtahTN Asked:

Rob Williams Commented:
I have never heard of entering URLs; it might work, but it is not addressed in the documentation.
To add IPs:
Open the Windows Firewall with Advanced Security console. Select Inbound or Outbound Rules on the left, presumably Inbound. Double-click on the rule you want to edit. Choose the "Scope" tab, change "Remote IP addresses" from "Any IP address" to "These IP addresses", and add the IPs. When you click Add, it will give you examples for single IPs, subnets, or ranges.
0
UtahTN Author Commented:
Accessmylan Ireland tech support:

Hi Billy,

External Firewall needs to allow:
sb10f.accessmylan.com - IP: 10.201.200.52
registrar.accessmylan.com - IP: 193.240.43.80
www.accessmylan.com - IP: 193.240.43.81

Ensure that port 443 is open.

I just pinged one of the URLs and you are correct, it corresponds to the IP address. Therefore I'm assuming they want me to add a rule to the firewall that allows these addresses to 443. What would you suggest: modifying a current Windows Server 2012 rule or creating a new rule?
0
UtahTN Author Commented:
Currently on the server I have World Wide Web Services (HTTPS Traffic.. Profile=All Enabled=No Action=Allow Override=No Program=System Local Address=Any Remote Address=Any Protocol=TCP Local Port=443 Remote Port=Any AuthUsers=Any
0

Rob Williams Commented:
It looks like they are just listing the URLs and their related IPs, so you just need to add the IPs.

Usually you will want to modify the existing rule as the existing may override a new rule, depending on the order they are applied.
You need to enable the rule, then under scope add your IPs.  Just click Add, and enter one at a time.
0
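The Scope change described in the answers above can also be made from PowerShell. This is an added example, not part of the original thread; it assumes an elevated session on the server with the NetSecurity and DnsClient cmdlets that ship with Windows Server 2012 R2, and it matches the rule name with a wildcard because the thread truncates it.

```powershell
# Added example, not from the thread. Run in an elevated PowerShell session.
# Host/IP pairs exactly as quoted from the vendor e-mail in the thread.
$vendor = [ordered]@{
    'sb10f.accessmylan.com'     = '10.201.200.52'
    'registrar.accessmylan.com' = '193.240.43.80'
    'www.accessmylan.com'       = '193.240.43.81'
}
$ips = @($vendor.Values)

# Wildcard match: the thread only shows the start of the rule's display name.
$ruleName = 'World Wide Web Services (HTTPS Traffic*'

# Firewall scopes take IPs, subnets or ranges, not host names, so check what
# each name resolves to today and warn if it differs from the vendor's list.
foreach ($name in $vendor.Keys) {
    $resolved = @(Resolve-DnsName -Name $name -Type A -ErrorAction SilentlyContinue |
        Where-Object { $_.IPAddress } | ForEach-Object { $_.IPAddress })
    if ($resolved -notcontains $vendor[$name]) {
        Write-Warning "$name resolves to '$($resolved -join ', ')', vendor listed $($vendor[$name])"
    }
}

# Find the single inbound rule to edit; stop if the match is ambiguous.
$rule = @(Get-NetFirewallRule -DisplayName $ruleName -ErrorAction Stop |
    Where-Object { $_.Direction -eq 'Inbound' })
if ($rule.Count -ne 1) { throw "Expected exactly one inbound rule, found $($rule.Count)" }

# Confirm it really is the TCP 443 rule before changing it.
$port = $rule[0] | Get-NetFirewallPortFilter
if ($port.Protocol -ne 'TCP' -or $port.LocalPort -ne '443') {
    throw "Rule is $($port.Protocol)/$($port.LocalPort), not TCP/443"
}

# Record the current scope so the change can be reverted later.
$before = ($rule[0] | Get-NetFirewallAddressFilter).RemoteAddress
Write-Output "Remote addresses before: $($before -join ', ')"

# Enable the rule and restrict its scope to the three listed addresses.
$rule[0] | Set-NetFirewallRule -Enabled True -RemoteAddress $ips

# Read the rule back to verify what is now in effect.
Get-NetFirewallRule -Name $rule[0].Name | Select-Object DisplayName, Enabled, Action
($rule[0] | Get-NetFirewallAddressFilter).RemoteAddress
```

To return the rule to its previous scope, pass the recorded `$before` value back to `Set-NetFirewallRule -RemoteAddress`.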

Blue Street Tech (Last Knight) Commented:
Hi UtahTN,

Why are you adding public IPs/domains to a Windows firewall? Filtering of public IPs should occur on the hardware firewall, even if it is a web server in the DMZ.

Windows Firewall only works on IP-basis AFAIK.
0
UtahTN Author Commented:
I accidentally looked at the wrong line. This rule is already enabled and set for Any IP address. I think they have something set up incorrectly. The access my lan host and client software are connected and working without any error messages. I'm going to run a few tests and try RDP again and see if it is talking through their APN/VPN.
0
UtahTN Author Commented:
I asked this question hoping someone else had experience with ATT accessmylan setup. The whole purpose of using their VPN product was so I don't have to open anything to the outside. I could have just used my Global SonicWALL VPN client. I like the idea of using a hotspot that could support several products like iPhone, iPad and notebook at the same time. I had this working last year directly to a Windows 7 PC on the same network behind the same router without changing anything in the SonicWALL or the Windows firewall. Now I'm at a point where I want to move it over to the Windows 2012 server, but someone different was attempting to help me on-board the service.
0
Rob Williams Commented:
Normally the firewall rule is enabled and allows connecting from any IP.  By using the scope and adding the IPs it changes to only allow connections from those 3 IPs.

I tend to agree with BST, always better to control from the hardware firewall at the perimeter of the network, but not all routers allow you to do that. SonicWALL will.
1