Skip to main content

Block an IP address with IP Security Policy Management for Windows 2003


  1. Click 'Start' > 'Run' >type 'MMC' press ok.
  2. In the console click > 'File' > 'Add/Remove Snap in
  3. In the 'Standalone Tab' click The 'add' button
  4. Select 'IP Security Policy Management' > 'ADD' > 'Local Computer' > 'finish' > 'close' > 'ok'
  5. You should now be back to the console. In the left frame right click 'IP security policies on local computer' > 'Create IP security policy'.
  6. Click Next and then name your policy 'Block IP' and type a description.
  7. Click 'Next' then leave 'activate' ticked then click 'Next' Leave the 'edit properties ticked and click 'Finish'
  8. You should now have the properties window open.
  9. Click 'ADD' then click 'Next' to continue.
  10. Leave 'This rule does not specify a tunnel' selected and click 'next'
  11. Leave 'all network connections' selected and click 'next'
  12. You should now be on the IP filter list. You need to create a new filter, so don't select any of the default ones. Click 'ADD'
  13. Type a Name for your list; call it 'IP block list'. Type a description in, can be same as name.
    Click 'ADD' then click 'Next' to continue.
  14. In the description box type a description. As it's the first IP you are blocking call it 'IP1' or 'IP Range 1'. Leave ticked the 'Mirrored. Match packets with the exact opposite source and destination addresses'. Click 'Next'
  15. The 'Source address' should be left as 'My IP address' click 'Next'.
  16. You can now select 'A Specific IP address' or 'A Specific Subnet' for the Destination address.
    Type in the IP address you want to block and if blocking a subnet type in the subnet block. Click 'next'
  17. Leave the protocol type as 'Any' and click 'Next' and then 'Finish'
Labels:

Comments

Post a Comment

Popular posts from this blog

There are currently no logon servers available to service the logon request

When bringing a new server on line, you may see an error that says: The Security System detected an authenticaton error for the server ldap/xxxxxxxt. The failure code from the authentication protocal Kerberos was "There are currently no logon servers available to service the logon request. Event id: 40960 category: SPENGO (Negotiator) (0xc000005e) This issue is the result of missing or the inability to contact the DNS SRV (SeRVice) records. You just brought a new server on line. To complete the process, the server has to register its own host A record and SVR record in DNS. To do this, Type the following at the command prompt: IPconfig /flushdns IPconfig /registerdns net stop netlogon net start netlogon flushing DNS will remove all old or improper DNS records registering dns records registers your Host A record restarting the netlogon will register your SRV records. __________________________________________________________________________________ Speaking of ...
Post a Comment
Read more

test vpn bandwidth and speed with iperf

This article explains how to use a free utility called iPerf to test the speed of a VPN connection. In this example I am running iPerf on windows but there are other versions available (i.e. Linux). Download iPerf from  http://linhost.info/2010/02/iperf-on-windows/ Put a copy on 2 computers with 1 either side of the VPN. In this example I have put in the c:\triangle folder On the “server” PC open a cmd prompt and navigate to the folder containing iperf. Note on computers running Win7 or Win2008 I recommend running the cmd prompt in elevated mode. Run the command  iperf –s On the “client” PC open a cmd prompt and again navigate to the folder containing iperf. Run the command  iperf –c After a short while the estimated bandwidth is displayed.
1 comment
Read more

Installing the East-Asian language packs

Windows XP SP3 Info 1. Go to Start > Control Panel > Regional & Language Options (or Date, Time, Language and Regional Options) > Languages. 2. Check the box for Install files for East Asian Languages > Click OK and let the process run and then you will have to Restart your PC. Alternatively, you may need to install the East Asian Language pack that is on your original Windows disc. Outlined below is a step-by-step guide to installing it in your computer (for Windows XP - Vista users might have to undergo different steps, but they should still be similar). Try it and see if it works for you: 1. Insert your Windows XP CD 2. Go to Control Panel 3. Go to Regional and Language Options 4. Click on the Languages Tab 5. Click on the Install files for East Asian Languages checkbox and make sure that it's checked. 6. Click on the OK button for the dialog box that appears. 7. Click on the OK button of the window to close it, and begin the installation. ...
1 comment
Read more