
Windows firewall block/allow per IP

Deepcuts

Regular Contributor
Hello,

From the get-go I will say that I have almost zero experience with Windows firewall.
Aside from simple rules like allowing an application to access outside networks and simple inbound rules, I am a novice.

Now I need to filter some ports on a Windows 2008 R2 server, which is connected directly to the internet (without a router or hardware firewall in front of it).
And I am unable to see how I can allow an incoming TCP/UDP connection on a specific port ONLY from certain IPs, while blocking it for the rest of the internet.

The setting for incoming connections is to Block by default.
The setting for outgoing connections is to Allow by default.
The connection protected by the firewall is set to Public and the firewall is ON for Public zone.
I added the rule for the port to Allow inbound connections, and in the Scope section I added the IPs which must have access.
Nevertheless, this does not block access to the specific TCP/UDP port for the rest of the world.
As far as I can tell, Windows firewall only allows you to block/allow a specific port for every IP outside your network.

Am I missing something? Does Windows firewall have this feature? Or do I have to put a Linux firewall in front to accomplish this?

Thank you.
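
A way to check the setup described in the post above, added here as an example and not part of the original thread. Windows Firewall lets a connection in if any enabled allow rule matches it, so a scoped rule only restricts a port when no broader allow rule covers the same port. The script lists every enabled inbound allow rule on the Public profile that matches a port and flags those with no remote-address scope; the port 3389 is a placeholder, and the script uses the `HNetCfg.FwPolicy2` COM object so it runs on PowerShell 2.0 (Server 2008 R2).

```powershell
# Added example: audit inbound allow rules that cover one port.
$Port     = 3389   # placeholder: the port being restricted
$Protocol = 6      # 6 = TCP, 17 = UDP
$Public   = 4      # NET_FW_PROFILE2_PUBLIC bit in the Profiles mask

function Test-PortInSpec([string]$Spec, [int]$Port) {
    # LocalPorts is empty, "*", or a comma list of ports and ranges ("80,5000-5010").
    if ([string]::IsNullOrEmpty($Spec) -or $Spec -eq '*') { return $true }
    foreach ($item in $Spec.Split(',')) {
        $item = $item.Trim()
        if ($item -match '^(\d+)-(\d+)$') {
            if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
        } elseif ($item -match '^\d+$') {
            if ([int]$item -eq $Port) { return $true }
        }
        # Keywords such as "RPC" (dynamic ports) are not matched here.
    }
    return $false
}

function Test-RuleCoversPort($Rule) {
    # Enabled, inbound (Direction 1), allow (Action 1), applies to Public,
    # protocol matches or is "any" (256), and the port list includes $Port.
    if (-not $Rule.Enabled)              { return $false }
    if ($Rule.Direction -ne 1)           { return $false }
    if ($Rule.Action -ne 1)              { return $false }
    if (-not ($Rule.Profiles -band $Public)) { return $false }
    if ($Rule.Protocol -ne $Protocol -and $Rule.Protocol -ne 256) { return $false }
    return (Test-PortInSpec $Rule.LocalPorts $Port)
}

$policy = New-Object -ComObject HNetCfg.FwPolicy2
$policy.Rules | Where-Object { Test-RuleCoversPort $_ } | ForEach-Object {
    $scope = $_.RemoteAddresses
    New-Object PSObject -Property @{
        Name            = $_.Name
        Program         = $_.ApplicationName
        LocalPorts      = $_.LocalPorts
        RemoteAddresses = $scope
        # No scope or "*" means the rule admits any remote address.
        OpenToAny       = ([string]::IsNullOrEmpty($scope) -or $scope -eq '*')
    }
} | Sort-Object OpenToAny -Descending |
    Format-Table Name, OpenToAny, RemoteAddresses, LocalPorts, Program -AutoSize
```

Any row with `OpenToAny` set to True admits the port from every address regardless of the scoped rule; program-based rules with `LocalPorts` of `*` show up here too.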
 
I use a configurable firewall router for this. It helps because it applies to the whole network and I don't have to configure every client instead. Windows firewall gets defeated if the host gets infected with malware.
Among the choices are:
Linux IPTables (RMerlin firmware has it)
MikroTik RouterOS
Ubiquiti EdgeOS
Cisco IOS
Juniper

Whether to go consumer or not depends on features and throughput.

Don't forget to run some kind of UTM or similar, in the sense of having a network antivirus as well, if you can.
 
I would not run a server unprotected on the internet. The way I control access from the outside to the inside on a router is with ACLs (access lists). In one statement you can allow any IP or class of IPs with any port in to a server, only passing through your router. I think ACLs are the way to go. Very simple. Cisco has access lists in every router that I have seen. Even Untangle, a UTM firewall which I also run, has support for this. My old router, the TP-Link ER6120, has access lists. There are many routers that do; you just need to find one. I do not believe the ASUS routers support access lists.
 