Hi! I have a problem with ICS and Advanced Windows Firewall. I have a small network in my office and use win7's Internet Connection Sharing service to access internet for clients. And turned on Advanced Windows Firewall to accept inbound tcp port 80 and block outbound specified port (like tcp port 25). I want to allow only the tcp port 80 to access internet from ICS client, but all packets are allowed. I wonder if the advanced windows firewall can block these packet? Ofcource, to ICS server pakcet is blocked, but to internet packet is not blocked. Anyone tell me how to be possible this function? I know make it possible to use third party's firewall software or hardware. But if passible, I want to use only windows7 function.

Hi, Thanks for posting in Microsoft TechNet forums. Open Windows Firewall by clicking the Start button , clicking Control Panel, clicking Security, and then clicking Windows Firewall. Click Allow a program through Windows Firewall. To add, change, or remove allowed programs and prots, click Change settings. For detailed information, please refer to http://windows.microsoft.com/en-US/windows-vista/Open-a-port-in-Windows-Firewall Best Regards Magon Liu TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.com Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi, Magon, Thank you for your answer. But our problem is unsolved. I'm sorry for a little description. Our network is very simple, |Client pc1| ------| | |Client pc2| ---|Hub|-----|Windows7(ICS Server and Adv Windows Firewall)| ======= Internet | ..more ----- Each client pc can access to internet because windows7 pc is working as a NAPT gateway by ICS service. We want to control these transfered packets from client pc to internet by port blocking on windows firewall. (For example, client pc can't access internet by tcp port 25.) But we can't block these transfered packets from client pc to Internet by any way of advanced windows firewall. Ofcource we can block the packets from client pc to windows7 pc by inbound filter. And can block the packets from windows7 pc to any by outbound filter. We tried to block by ip address range, or ICS services. but can't. Probabry, the ICS service is working under inbound/outbound filter level. I think, is there not any filter like PREROUTING or POSTROUTING table on linux iptables?

Hi, Windows 7 client is mostlly for home users, to block by ip address range server is needed to be involved. Regards,Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.