How to Block IP in Windows Firewall

Problem

We want to block specific IPs from accessing the applications on our server.

Case 1: Blocking single IP

1 Open Windows Firewall with Advanced Security

2 Create a New Rule

3 Select Custom in Rule Type

4 Select “All Programs”

Select "All programs" under "Does this rule apply to all programs or a specific program?"

5 Select Any on the Protocol and Ports Screen

6 Click Add (marked with the red outline) to add a specific IP or IP range

7 Add the specific IP or IP range

8 You can add more IPs to block here

9 Select Block the Connection

10 Select all options under When does This Rule Apply?

11 Set a name for the rule

12 Done

 

Case 2: Blocking multiple IPs

1. Create a .txt file named IP.txt and add the IP addresses to it.

2. Run the following PowerShell script in PowerShell.

2.1 For Windows Server 2008

# netsh expects one comma-separated list, so join the lines of IP.txt
$IP = (Get-Content C:\IP.txt) -join ','
netsh advfirewall firewall add rule name="_Block Rule" dir=in action=block protocol=TCP localport=any remoteip=$IP

or

netsh advfirewall firewall add rule name="_Block Rule" dir=in action=block protocol=TCP localport=any remoteip="IP1,IP2,IPX"

2.2 For Windows Server 2012 or 2016

$IP = get-content c:\IP.txt
New-NetFirewallRule -DisplayName "_Block Rule" -Direction Inbound -LocalPort Any -Protocol TCP -Action Block -RemoteAddress $IP

or

New-NetFirewallRule -DisplayName "_Block Rule" -Direction Inbound -LocalPort Any -Protocol TCP -Action Block -RemoteAddress IP1,IP2,IPX
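
The script below is an added example, not part of the original article: it validates IP.txt before the rule is created, so blank lines and mistyped addresses are caught before they reach the firewall cmdlet, and it updates the existing rule instead of creating a duplicate on every run. The path C:\IP.txt and the rule name come from the article; $AllowList, its sample address and the function Test-FirewallAddress are assumptions made for illustration, as is the file format (one address or CIDR range per line).

```powershell
# Added example: validate IP.txt, then create or update the block rule.
# Assumption: one IPv4/IPv6 address or CIDR range per line; lines starting with # are comments.
$Path      = 'C:\IP.txt'
$RuleName  = '_Block Rule'
$AllowList = @('192.0.2.10')   # hypothetical management address (constructed sample value)

function Test-FirewallAddress {
    param([string]$Entry)
    # Accept "address" or "address/prefix"; reject everything else.
    $addr, $prefix = $Entry -split '/', 2
    $parsed = $null
    if (-not [System.Net.IPAddress]::TryParse($addr, [ref]$parsed)) { return $false }
    # TryParse accepts shorthand such as "1" (0.0.0.1); require full dotted form for IPv4.
    if ($parsed.AddressFamily -eq 'InterNetwork' -and $parsed.ToString() -ne $addr) { return $false }
    if ($null -eq $prefix) { return $true }
    $max = if ($parsed.AddressFamily -eq 'InterNetworkV6') { 128 } else { 32 }
    return ($prefix -match '^\d{1,3}$') -and ([int]$prefix -le $max)
}

# Trim whitespace, drop blank lines and comments, remove duplicates.
$entries = @(Get-Content $Path | ForEach-Object { $_.Trim() } |
    Where-Object { $_ -and -not $_.StartsWith('#') } | Sort-Object -Unique)

$valid   = @($entries | Where-Object { Test-FirewallAddress $_ })
$invalid = @($entries | Where-Object { -not (Test-FirewallAddress $_) })
$invalid | ForEach-Object { Write-Warning "Skipping invalid entry: $_" }

# Stop if the list names an allow-listed address. This is an exact string match only;
# it does not detect a CIDR range that happens to contain an allow-listed address.
$clash = @($valid | Where-Object { $AllowList -contains $_ })
if ($clash.Count -gt 0) { throw "Refusing to block allow-listed address(es): $($clash -join ', ')" }
if ($valid.Count -eq 0) { throw "No valid addresses found in $Path" }

# Update the rule if it already exists so repeated runs do not create duplicates.
if (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue) {
    Set-NetFirewallRule -DisplayName $RuleName -RemoteAddress $valid
} else {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Protocol TCP `
        -LocalPort Any -Action Block -RemoteAddress $valid
}
```

Run it from an elevated PowerShell session on Windows Server 2012 or later, where the NetSecurity cmdlets are available.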

 
 
