In this article we explain how to block IP addresses in Windows, using both the graphical interface and the command line (PowerShell).
Points to consider before blocking IPs and ports in Windows:
- In which profile do you want to block the port (Public, Private or Domain)?
- Which port do you need to block (port number)?
- Direction: Inbound or Outbound (incoming or outgoing requests).
- Protocol type (TCP, UDP, ICMPv4, or ICMPv6).
Note
The Windows firewall must be enabled for the rules to take effect.
Open Windows Defender Firewall - Advanced Settings
New rule
Under Advanced settings, there will be an option for "Inbound rules". Click on it and then click on "New rule".
Select the type of rule and the specific protocol.
Click "Rule type", select "Custom" and click "Next". In the next window, click on "All programs" under the heading "Does this rule apply to all programs or to a specific program?".
Next, the system will ask you for the protocol and ports. Just select the "Any" option and click the "Next" button to proceed.
Enter the IP address to block
Now, in the next window, under "Which local IP address does this rule apply to?" select the "These IP addresses" option. Then click "Add" to add the IP address.
When the IP address dialog opens, choose the "This IP address or subnet" option and enter the IP to block. Then click the "OK" button.
Once you click "OK", the system will redirect you back to the previous screen. There you will see the IP address you just entered to block. You can add more IP addresses by clicking the "Add" button and following the same process.
After entering all the IP addresses to block, click "Next" to continue.
Block the connection and name the rule
In the next window, select the "Block connection" option and click "Next". Next, the system will ask you to choose "When does this rule apply?". Select the three options: Domain, Private, Public, and click "Next".
Finally, set a name for the rule and click "Finish".
These are the steps to block an IP address with the Windows graphical interface.
Open PowerShell
There are different options for adding rules. Here are examples of the most common ones.
To block the IP address entirely (for all ports), execute the following command:
New-NetFirewallRule -Direction Inbound -DisplayName "test" -Name "test" -RemoteAddress 86.127.200.200/32 -Action Block
To create a firewall rule that blocks access to a single port from a specific IP address, execute the following command. In this example we do it for the RDP port, 3389:
New-NetFirewallRule -Direction Inbound -DisplayName "RDP" -Name "RDP" -Protocol TCP -LocalPort 3389 -Action Block -RemoteAddress 86.127.200.200/32
We can also block a specific range, e.g. 86.127.200.200-86.127.200.230. This rule needs its own name, because -Name must be unique among firewall rules:
New-NetFirewallRule -Direction Inbound -DisplayName "RDP2" -Name "RDP2" -Protocol TCP -LocalPort 3389 -Action Block -RemoteAddress 86.127.200.200-86.127.200.230
Remove IP addresses
To remove any of the created rules, run Remove-NetFirewallRule with the name of the previously created rule:
Remove-NetFirewallRule -Name RDP2
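The PowerShell steps above combined into one repeatable script, as an added example that is not part of the original article: it warns about profiles where the firewall is off, creates the block rule or updates it if the name already exists, and reads back what was configured. The function name Set-InboundBlockList, the rule name and the addresses (documentation ranges) are assumptions made for this example.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original article.
# Set-InboundBlockList, the rule name and the sample addresses are hypothetical.

function Set-InboundBlockList {
    param(
        [Parameter(Mandatory)] [string]   $RuleName,
        [Parameter(Mandatory)] [string[]] $RemoteAddress
    )

    # A block rule is not enforced on a profile whose firewall is switched off.
    $disabled = Get-NetFirewallProfile | Where-Object { $_.Enabled -eq 'False' }
    foreach ($p in $disabled) {
        Write-Warning "Firewall is disabled for the $($p.Name) profile; the rule will not be enforced there."
    }

    # -Name must be unique, so update the rule when it already exists
    # instead of calling New-NetFirewallRule a second time.
    $existing = Get-NetFirewallRule -Name $RuleName -ErrorAction SilentlyContinue
    if ($existing) {
        # Replaces the rule's remote address list with the one supplied.
        Set-NetFirewallRule -Name $RuleName -RemoteAddress $RemoteAddress
    }
    else {
        # No -Protocol or -LocalPort: all ports are blocked, on all three profiles.
        New-NetFirewallRule -Name $RuleName -DisplayName $RuleName `
            -Direction Inbound -Action Block -Profile Any `
            -RemoteAddress $RemoteAddress | Out-Null
    }

    # Read the address filter back so the result can be checked.
    (Get-NetFirewallRule -Name $RuleName | Get-NetFirewallAddressFilter).RemoteAddress
}

# Constructed sample input: a single IP, a subnet and a range.
$blockList = @(
    '192.0.2.10'
    '198.51.100.0/24'
    '203.0.113.20-203.0.113.30'
)

Set-InboundBlockList -RuleName 'Block-Inbound-List' -RemoteAddress $blockList

# Clean up the rule when it is no longer needed:
# Remove-NetFirewallRule -Name 'Block-Inbound-List'
```

Running the script again with a changed list updates the same rule, so the block list stays in one place rather than spreading across several rules.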
If you have any questions about this topic or about your Clouding servers, don't hesitate to contact us at soporte@clouding.io. We are always available for anything you need!