You might sometimes need to block a specific IP address from accessing your server for several reasons. Follow the simple instructions below which include creating an IPSec Security Policy specifying to block access to specific IP address –
Step 1 – Hover your mouse to Start Menu and click on Run.
Step 2 – Type “secpol.msc” in the run window and click OK.
Step 3 – The Local Security Settings window will open. Click on “IP Security Policies on Local Computer”.
Step 4 – Go to the right window pane, right-click and select “Create IP Security Policy”.
Step 5 – Click Next when the Wizard opens.
Step 6 – The IPSec Security Policy window will open where you can name your new IPSec Security Policy. For example, it is named as “Blocked IPs” here. After naming it, type a description and click Next.
Step 7 – Leave the Activate the default response rule checked and then click Next.
Step 8 – Again leave the Active Directory default (Kerberos V5 protocol) checked and click Next.
Step 9 – A warning window will open but don’t worry simple click Yes.
Step 10 – Keep the Edit Properties box checked and click on Finish.
Step 11 – Uncheck the “Use Add Wizard” checkbox and then click on “Add”.
Step 12 – Again click the Add button.
Step 13 – Uncheck the “Use Add Wizard” checkbox and click Add.
Step 14 – For “Source Address”, click the dropdown menu and choose “A specific IP Address”.
Step 15 – This is where you will enter what IP address you want to block. In this example, the IP address “220.127.116.11” is to be blocked.
Step 16 – Click the dropdown menu for “Destination address” and select “My IP Address” and the click OK.
Step 17 – Click OK.
Step 18 – Select the newly created Filter and click on the Filter Action tab.
Step 19 – Select the SI Deny rule and click Apply.
Step 20 – Click OK, then Apply and OK again which will take you back to the main console window.
Step 21 – If everything gets done successfully, it will indicate that the policy is assigned. Your server will now block all requests to that specific IP address.