The Group Policy allows access by a specified IP address.
Background: A local oil depot has a computer and the IP address is 10. x.Y. a. The headquarters scanned the computer and opened the TCP port 102 to allow only the IP addresses of the local network segment (10.10.X.Y.A-B) of the oil depot to access the TCP port 102 of the device, others are not allowed.
As the winxp policy of the production machine has been configured, this article uses win10 as an example.
Create Policy
1. Open the Group Policy and right-click to create an IP Security Policy.
Click Finish
Create a blocking rule
As shown in the following figure, click Add.
Add block filter
Click Add
Click Finish. The configuration details are displayed. Click OK.
Configure filter actions
Configure action-stop for "block all", select "block all", and click Next
Select "Block", click "Next", and then click "finish ".
Appears after completion
So far, the blocking rule has been configured. Next, configure the whitelist and allow the specified IP address.
Create allowed rules
Click "add"
Add allowed Filter
In this example, set the CIDR block or specify a specific ip address.
Click Finish. The rule is configured. Click OK.
Configure filter actions
Select allow 1-62, click Next, and configure allow actions for "Allow 1-62,
Click Finish to show up. click Next.
Click OK
So far, [block all, allow 1-62] policy configuration is complete
Assignment rule
Right-click the policy and select allocate.
Note: windows 10 does not show the following conditions:
Solution