Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

ip filtering

Status
Not open for further replies.
vti

vti

Technical User
Feb 26, 2001
189
TR


Hi,
I have an 2000 advanced server and all i want to do is deny specific ip address or specific range to access this server from the same network mask.But i don't want to use any shareware tool for that except if it is impossible.

Any idea.

 
Sort by date Sort by votes
In you TCP/IP properties, select Advanced, then Options. Select TCP/IP Filtering, and add every address you want to access in IP Protocols, then just leave out all that you don't want to access.
 
Upvote 0 Downvote
hi mark01
there are three tabs which tcp ports,udp ports,ip protocols
There is nothing to use add ip entries.?
 
Upvote 0 Downvote
That is correct. you have the three options. However, if you are trying to deny access from specif IP addresses. You can not do that here. If this is a webserver and you are trying to deny access to a site you can do it in the webconsole for that site. However if it is not a webserver and you are trying to deny access to the server from a specific range of addresses then you would have to use the routing optinos within the server.
 
Upvote 0 Downvote
If you have AD. Make a Group POlicy or if you want use the default domain policy (AD Users/Comp-->Your domainname->Right click-->properties-->Group Policy-->Default Domain POlicy-->Edit)
Once there Go to COmpuetr Configuration-->Windows Settings-->IP security Settings on Active Directory
On the tool bar on top you will have the option (icon) of Creating an IP security POlicy of your own, where you can disable/enable traffic coming to your server based on IP addresses or ranges.
Then after you finish with it, just Assign the policy to your domain. A+, MCP, CCNA
marbinpr@hotmail.com

"I just know that I know nothing"
Socrates (469-399 B.C.E.)

 
Upvote 0 Downvote
hi Chris77504 ,koquito

It's not a web server and unfortunetly i don't have AD.

So I guess i need to use something like personal firewall
 
Upvote 0 Downvote
MAybe you can do a work around it, by configuring fake routes on your clients (on those you want to modify the access to the server).
Use the "route" command at the command prompt. This way you can set a route for example to tell a machine whe is asking for a route to get to the server: the route is this one (and it wont be real, so it will go to a different IP). A+, MCP, CCNA
marbinpr@hotmail.com

"I just know that I know nothing"
Socrates (469-399 B.C.E.)

 
Upvote 0 Downvote
YOu can do like koquito said but instead of using AD just use the Local computer policy and follow koquito advise that would be mine also.

IPSEC is a GREAT FIREWALL if you know how to use it correctly.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

dpellegrini
  • Locked
  • Question
Website will load using hostname but not IP address
Replies
3
Views
449
mangentle
mangentle
Fireksf
  • Locked
  • Question
Avaya IPOCC not generate Report, Please any body if you a have any idea help me.
Replies
1
Views
110
MarkSweetland
MarkSweetland
evr72
  • Locked
  • Question
Wundows Server 2003 DNS can resolve names but not ip addresses
Replies
0
Views
55
evr72
evr72
KatzEye1
  • Locked
  • Question
RD IP Virtualization
Replies
0
Views
58
KatzEye1
KatzEye1
kjv1611
  • Locked
  • Question
New Client Picks Up Old Client IP Address, Both now Share?
Replies
4
Views
117
kjv1611
kjv1611

Part and Inventory Search

Sponsor

Back
Top