How to Block IP Addresses in Windows Server 2003


 

Microsoft Management Console

If you want to block an IP address or a range of IP addresses, and you don’t have access to the router or firewall of the network you could use Windows’ IP Security Policy Management instead. Follow the steps bellow to learn how to do so:

  1. Open the Run dialog box by selecting it from the Start menu or pressing WinKey and R.
  2. Type mmc and press OK.
  3. In the console select Add/Remove Snap-in from the File menu and click the Add button in the Standalone tab.
  4. In the Add Standalone Snap-in dialog box select IP Security Policy Management and click Add.Add Standalone Snap-in
  5. In the Select Computer or Domain dialog box select Local Computer and click Finish.
  6. Now just close the Add Standalone Snap-in and Add/Remove Snap-in dialog boxes by clicking the Close and OK buttons respectively.
  7. You should now be back to the console. In the left frame right click IP Security Policies on Local Computer and select Create IP Security Policy.
  8. Click Next and in the Name textbox give the policy a descriptive name. The Description textbox is optional.
  9. Click Next, leave Activate the default response rule checkbox ticked and click Next again.
  10. Leave the Edit Properties checkbox ticked and click Finish.
  11. The Properties dialog box should be open now. Click Add button and click Next in the wizard.IP Security Policy Properties
  12. Leave This rule does not specify a tunnel selected and click Next.
  13. Leave All network connections selected and click Next.
  14. You should now see the IP Filter List step of the wizard. You need to create a new filter, so don’t select any of the default ones, just click Add.IP Filter List Step of the Wizard
  15. Type a descriptive name for the filter list. The Description textbox is optional.IP Filter List
  16. Click Add again to start yet another wizard that will create a filter and add it to the list. Click Next.
  17. Leave the IP Traffic Source to My IP Address and click Next.
  18. For the IP Traffic Destination you could choose A specific IP Address or A specific IP Subnet to block an IP address or a range of IP address.
  19. Enter the IP address you would like to block and the Subnet mask if you selected A specific IP Subnet. Then click Next.
  20. Leave the protocol type as Any and click Next then Finish.

You now have the IP or a range of IPs blocked from accessing any service the local computer provides.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: