Blocking a single internal IP from using the internet on Windows Server 2008 NAT
Hi Forums, I have a windows server 2008 R2 installation that uses NAT to provide internet access to our internal users. I could do with knowing how I can go about blocking a single internal IP address (or specific MAC) from accessing the internet. It'd be especially useful if I could do this through netsh, as I'd quite like to script it. Thanks in advance
May 17th, 2011 4:26am

Hope these helps Netsh Command Syntax for the Netsh Firewall Context http://technet.microsoft.com/en-us/library/bb490617.aspx How to use the "netsh advfirewall firewall" context instead of the "netsh firewall" context to control Windows Firewall behavior in Windows Server 2008 and in Windows Vista http://support.microsoft.com/kb/947709 netsh firewall set portopening protocol=ALL profile=ALL mode=DISABLE scope=CUSTOM addresses=x.x.x.x
Free Windows Admin Tool Kit Click here and download it now
May 17th, 2011 1:53pm

Hi Mox, Thanks for posting here. You may achieve the goal by setting inbound/outbound filters if you are using RRAS for NAT on this Windows server 2008 R2 host: Configure Static Packet Filters http://technet.microsoft.com/en-us/library/dd469754(WS.10).aspx Thanks. Tiger Li Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
May 17th, 2011 11:19pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics