Server 2008 Firewall

 

Blocking a specific IP address

I will now show you how to block a specific IP address using the Windows Server 2008 advanced firewall settings. There will be times when we want to block certain IP addresses from accessing our server, or just block them from accessing certain protocols on our server. Luckily Server 2008 has some great features that allow us to do just that. For this example I will show you how to block one IP address from accessing all protocols on our server.
The first thing we will do is open Windows Firewall by clicking on Start, Administrative Tools, Windows Firewall with Advanced Security.
This will open a window that looks like the one below.

For this example we will block the IP address "192.168.2.139" from accessing the server.

You now need to click on "Inbound Rules", which is located near the top left corner of the window. This will change the window to look like the one below.

We will now click on "New Rule" (located near the right corner of the window).

Your window will now change to the one below.

Now check the box which says "Custom rule" and click "Next".

A new window will open like the one below.

As we want to block all network traffic from the IP address "192.168.2.139", we will check the box which says "All programs" and click "Next".

A new window like the one below will open.

This window gives us the option to block a particular protocol or all protocols. As we want to block all protocols, we will make sure "Any" is selected in the "Protocol type" drop-down box. We will then click "Next", which will open a window like the one below.

You will notice it says "Which Local IP address does this rule match?"
By default "Any IP address" has a check mark in it.
We will change this to "These IP addresses".
Then click "Add".

This will open a new window like the one below.

You will see this has opened up a new window. Make sure "This IP address or subnet" has a check mark in it, then type in the IP address of the local computer you want to stop accessing the server, like I have done below, then click "OK".

You will now see a box like the one below.

Now click on "Next" and you will see the window below.

As we are going to block the connection, we will check the box which says "Block the connection", then click "Next".

You will then be given the option to state what the rule applies to:
Domain,
Private,
Public.
You will select all boxes and click "Next".
You will then see the window below.

You now have the option to type a name for this rule. It should be a name that makes sense, so that when another network admin comes in he will understand this rule.
So don't go writing something like "my girls pc".
Once you have given the rule a name, click on "Finish".
You have now created a rule which stops the IP address 192.168.2.139 from accessing the server.
You can now see the rule you created by clicking on "Inbound Rules".
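
The same rule can be created from an elevated PowerShell prompt with netsh, which is useful when the block has to be repeated on several servers. This is an added example, not part of the original walkthrough; the rule name is a hypothetical one chosen here. For an inbound rule the blocked machine is the remote end of the connection, so its address goes in remoteip, which corresponds to the remote IP addresses section of the wizard's Scope page.

```powershell
# Added example: netsh equivalent of the wizard walkthrough (run elevated).
$BlockedIp = '192.168.2.139'            # address used in the walkthrough
$RuleName  = "Block-In-$BlockedIp"      # hypothetical rule name, no spaces

# TryParse alone also accepts short forms such as "1", so require the
# parsed value to round-trip to the input before building a rule from it.
$parsed = $null
$ok = [System.Net.IPAddress]::TryParse($BlockedIp, [ref]$parsed)
if (-not $ok -or $parsed.ToString() -ne $BlockedIp) {
    throw "Not a valid IP address: $BlockedIp"
}

# netsh exits non-zero when no rule has this name; use that so running the
# script twice does not create a duplicate rule.
netsh advfirewall firewall show rule name=$RuleName | Out-Null
if ($LASTEXITCODE -ne 0) {
    # Wizard page                        -> netsh parameter
    # Rule type: Custom, inbound         -> dir=in
    # Program: All programs              -> (program omitted)
    # Protocol type: Any                 -> protocol=any
    # Scope: blocked host                -> remoteip=<address>, localip=any
    # Action: Block the connection       -> action=block
    # Profile: Domain, Private, Public   -> profile=any
    netsh advfirewall firewall add rule name=$RuleName dir=in protocol=any `
        localip=any remoteip=$BlockedIp action=block profile=any enable=yes
    if ($LASTEXITCODE -ne 0) { throw "netsh failed to add rule $RuleName" }
}

# Print the rule as stored so the scope, profiles and action can be checked.
netsh advfirewall firewall show rule name=$RuleName verbose

# To undo: netsh advfirewall firewall delete rule name=$RuleName
```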