Blocking an IP address

I’ve been avoiding learning how to use the windows firewall for a long time now.   Troubleshooting a remote UAG setup forced me to take the time to learn this.

We were trying to identify scenarios where UAG was supposed to rewrite the URL.   In their test setup the client wasn’t blocked from directly accessing the application website published through UAG using the application website’s IP address – in essence bypassing UAG.  This led to some confusing results while we were testing.

Temporarily setting up a firewall rule on the client computer to block traffic directly to the application web server addressed the problem and gave us consistent results.

netsh advfirewall firewall add rule name=”disallow xyz webapplication” action=block enable=yes localip=any remoteip=nnn.nnn.nnn.nnn

Removing the rule at the end of the testing was as simple as

netsh advfirewall firewall delete rule name=”disallow xyz webapplication”

It appears Vista has a different command syntax

netsh advfirewall add/delete

instead of

netsh advfirewall firewall add/delete

Advertisements
This entry was posted in Uncategorized. Bookmark the permalink.

3 Responses to Blocking an IP address

  1. Mattb says:

    A great alternative to Linux’s BFD for Windows. Works like a charm, thanks very much.

  2. Commenter says:

    You’re missing the “dir” flag in the rule, e.g. “dir=out” to block outbound connections.

  3. bill says:

    Thanks for the quick tutorial. The command in your post did not work for me on Windows 7 and I had to make a couple of changes (see the ‘dir’ and ‘profile’ option which are mandatory. Also the name cannot contain spaces even when enclosed in quotes. So I added a description option.

    netsh advfirewall firewall add rule name=disallow-111.111.111.111 action=block enable=yes localip=any dir=in profile=public remoteip=”111
    .111.111.111/32″ description=”This is a desc”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s