How do I block a specific IP from my server?


IPSec Filtering

First, you will need to open the IPSec snap-in:

Start -> Run -> mmc
File -> Add/Remove Snap-in...
Add...
IP Security Policy Management (Not to be confused with IP Security Monitor)
Local Computer

Highlight 'Security Policies on Local Computer'

In the right pane, right-click and choose 'Create IP Security Policy...'
This will start the IP Security Policy Wizard.
Choose 'Next'
Enter a 'Name:' and 'Description:'
UN-CHECK 'Activate the default response rule.'
Leave 'Edit properties' checked.
and click 'Finish'

Under 'Rules' choose 'Add...' This will start the Security Rule Wizard.

'Next'
This rule does not specify a tunnel.
Local area networks (LAN)
This will open the 'IP Filter List'
Choose 'Add...'
Enter a 'Name:' and 'Description:' *Use the IP as the name for identification purposes.*
Choose 'Add...'
'Next'
'Description:' is optional here, though I'd put the IP to block again...
UN-CHECK 'Mirrored. match packets with the exact opposite source and destination address.'
For 'Source address:' Use the Drop-down to choose 'A specific IP Address' and enter the IP address to IP to be blocked.
'Next'
For 'Destination address:' Use the Drop-down to choose 'My IP Address'
'Next'
For 'Select a protocol type:' leave the drop-down on 'Any'
'Next'
Make sure 'Edit properties' is unchecked and Click 'Finish'

This will return you to the 'IP Filter List' press 'OK' to close it.

You will now see and should select the radial for the filter list you just created.
'Next'
This will open 'Filter Action'
Choose 'Add...'
'Next'
Enter a 'Name:' and 'Description:' This action is simply for blocking traffic so Name it "BLOCK"
'Next'
Select the 'Block' radial
'Next'
Make sure 'Edit properties' is unchecked and Click 'Finish'

This will return you to the 'Filter Action' selection You will now see and should select the radial for the filter action you just created. Make sure 'Edit properties' is unchecked and Click 'Finish'

Click 'OK' to close the Policy you've just created.

The new policy should now show up in the right pane... to activate it, simply right-click and choose 'assign'

More information can be found in this downloadable guide from Microsoft: Windows Firewall with Advanced Security: Step-by-Step Guide: Deploying Windows Firewall and IPsec Policies

  • 4 Utilisateurs l'ont trouvée utile
Cette réponse était-elle pertinente?

Articles connexes

Enabling Audio over RDP on a Windows Server

Please note, it is not necessary to install audio hardware to enable audio for applications...

How do I change the port that Terminal Services runs on?

1. Select Start, Run and enter 'regedt32'. Locate the following key in the registry:...

How do I configure the Windows Firewall?

Microsoft has developed a great article centered around configuration of the Windows Firewall...

How do I disable Internet Explorer Enhanced Security?

Disabling Internet Explorer Enhanced Security Configuration Windows Server 2003 is shipped with...

How do I enable ICMP echos in Server 2008

Enable ICMP echos in Server 2008 To enable ICMP replies in Windows Server 2008 you must allow...