Blocking a single internal IP from using the internet on Windows Server 2008 NAT
Hi Forums,
I have a windows server 2008 R2 installation that uses NAT to provide internet access to our internal users. I could do with knowing how I can go about blocking a single internal IP address (or specific MAC) from accessing the internet. It'd be especially
useful if I could do this through netsh, as I'd quite like to script it.
Thanks in advance
May 17th, 2011 4:26am
Hope these helps
Netsh Command Syntax for the Netsh Firewall Context
http://technet.microsoft.com/en-us/library/bb490617.aspx
How
to use the "netsh advfirewall firewall" context instead of the "netsh firewall" context to control Windows Firewall behavior in Windows Server 2008 and in Windows Vista
http://support.microsoft.com/kb/947709
netsh firewall set portopening protocol=ALL profile=ALL
mode=DISABLE scope=CUSTOM addresses=x.x.x.x
Free Windows Admin Tool Kit Click here and download it now
May 17th, 2011 1:53pm
Hi Mox,
Thanks for posting here.
You may achieve the goal by setting inbound/outbound filters if you are using RRAS for NAT on this Windows server 2008 R2 host:
Configure Static Packet Filters
http://technet.microsoft.com/en-us/library/dd469754(WS.10).aspx
Thanks.
Tiger Li
Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
May 17th, 2011 11:19pm