The Group Policy allows access by a specified IP address.

The Group Policy allows access by a specified IP address.

Background: A local oil depot has a computer and the IP address is 10. x.Y. a. The headquarters scanned the computer and opened the TCP port 102 to allow only the IP addresses of the local network segment (10.10.X.Y.A-B) of the oil depot to access the TCP port 102 of the device, others are not allowed.

As the winxp policy of the production machine has been configured, this article uses win10 as an example.

Create Policy

1. Open the Group Policy and right-click to create an IP Security Policy.

 

 

Click Finish

 

 

 

Create a blocking rule

As shown in the following figure, click Add.

Add block filter

 

 

Click Add

 

 

Click Finish. The configuration details are displayed. Click OK.

 

 

 

 

Configure filter actions

Configure action-stop for "block all", select "block all", and click Next

 

 

Select "Block", click "Next", and then click "finish ".

 

 

 

Appears after completion

 

 

 

So far, the blocking rule has been configured. Next, configure the whitelist and allow the specified IP address.

 

 

 

 

 

 

 

 

 

 

 

 

 

Create allowed rules

Click "add"

 

 

 

Add allowed Filter

 

 

 

In this example, set the CIDR block or specify a specific ip address.

 

 

 

Click Finish. The rule is configured. Click OK.

 

 

 

 

 

 

 

Configure filter actions

 

 

 

Select allow 1-62, click Next, and configure allow actions for "Allow 1-62,

 

 

Click Finish to show up. click Next.

 

 

 

Click OK

 

 

 

So far, [block all, allow 1-62] policy configuration is complete

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Assignment rule

Right-click the policy and select allocate.

 

 

Note: windows 10 does not show the following conditions:

 

 

 

 

Solution