To ALLOW ONLY Specific Network To Access:
There is a underlying policy's under the policies: deny all
what we need to do is create the explicit allow policies
what we need to do:
- under the inbound scope:
- disable all of other allow rules or connections will still make it through from them
-
run the command below
netsh advfirewall firewall add rule name="Allow from Internal Access" dir=in action=allow protocol=ANY remoteip=172.16.11.0/24
172.16.15.0/24
172.16.10.0/24
172.16.30.0/24
Or powershell:New-NetFirewallRule -Name Allow192.0.2.55 -DisplayName 'Allow from 192.0.2.55' -Enabled True -Direction Inbound -Protocol ANY -Action Allow -Profile ANY -RemoteAddress 172.16.15.0/24
- Restart the Firewall service after creating the rules