0

Yo guys, I have googled it alot and didn't find an useful answer, so i decided to ask the experts here, How can i allow only a specific IP to access my server blocked ports while others can't? Note : I'm using windows 2k8 R2. Also im using the original windows firewall.

Youssef
  • 50
  • 2
  • 9
  • you need to include more info, the answer will depend on the OS (windows, linux, ...) running on the node where the port is blocked, how your network looks like (dedicated firewall or not). I didn't search, but I would bet this question has been already answered. – marek.jancuska Mar 17 '15 at 10:49
  • Im using win 2k8 r2, im using the original windows firewall. – Youssef Mar 17 '15 at 10:58
  • this looks at least similar: http://stackoverflow.com/questions/13179799/how-to-allow-specific-ips-though-the-firewall/13181628#13181628 . It is best to edit your question to add more info, and also please add tags to see it is related to windows . – marek.jancuska Mar 17 '15 at 11:03
  • No, that thread didn't help me. – Youssef Mar 18 '15 at 07:02
  • all i want is to allow a specific ip to cross through my firewall, is that possible? – Youssef Mar 18 '15 at 07:02
  • I don't know, I cannot help more, but now that you added tags about windows, followers of those tags can see your question – marek.jancuska Mar 18 '15 at 11:54

1 Answers1

0

Effectively, you would want to have a "deny all" inbound rule in place, and then create a single rule that's evaluated before the deny all.

Windows Firewall > Advanced Settings > Inbound Rules > New Rule > Custom > Choose your program > Select the protocol (probably TCP) and port > Enter the IP of the remote computer > choose the action (filter/forward) > choose when the rule applies > name it > save it.

I would be remiss to not state that there is absolutely another solution to this problem. I've never had to poke a hole in the windows firewall. Of course, I've never used a windows machine as a perimeter firewall either.

Jacob
  • 890
  • 6
  • 16
  • Enter the IP of the remote computer :-> But it can be accessed by n- number of machines and that too can have any ip address range. Is this the acceptable solution. – Learner May 26 '15 at 07:20