How to block IP and IP range on Windows server?

Reading time icon 3 min. read

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

Windows server how to block ip; block ip range - laptop on table

If you want to find out how to block IP and IP ranges on a Windows server, you are lucky.

In this article, we will discuss precisely this subject, and you will find out what are the best solutions available.

Blocking an IP or an IP range on your Windows server will allow you to prevent access to your server from a specific country or region. This will give you the possibility to control the security of your server easily.

Please follow the steps presented here carefully to avoid any issues.

Here’s how to block an IP or an IP range on Windows server

1. Add Local Computer to Security Policies

javascript code smaller - Windows server how to block ip; block ip range

  1. Press Win+R to start the Run dialog box.
  2. Type MMC -> press Enter.
  3. Inside the console -> click File -> Add/Remove Snap in.
  4. Select the Standalone tab -> click the Add button.
  5. Choose the IP Security Policy Management option -> Add -> Local Computer -> Finish -> Close -> Ok.

2. Create IP security policy

laptop on desk with user - Windows server how to block ip; block ip range

  1. Inside the console -> right-click the IP security policies on local computer option found in the left pane -> choose Create IP security policy.
  2. Click the Next button and name the policy Block IP.
  3. Add a description of your choosing.
  4. Click the Next button and make sure that the box next to the Activate option is ticked.
  5. Click Next -> tick the Edit properties option -> click the Finish button (this will open the properties window).

Seeing the specified user does not exist error in Windows Server? Do this to fix it

3. Create a new rule inside the IP filter list

user laptop - Windows server how to block ip; block ip range

  1. Inside the properties window that you previously opened -> click Add -> Next.
  2. Make sure the This rule does not specify a tunnel option is selected -> click Next.
  3. Leave the All network connection option selected -> click Next.
  4. This will open the IP filter list (you will need to create a new filter, so don’t choose any of the default values).
  5. Click Add -> type a name for your list (ex. IP block list) -> add a description (can be the same as name).
  6. Add the option -> click Next to move to the next step.
  7. Type IP1 as a name (or IP range) in the description box.
  8. Make sure the Mirrored. Match packets with the exact opposite source and destination addresses option is ticked -> Next (source address needs to be the same as My IP address).
  9. Select A specific IP address or A specific Subnet (depending on if you want to block an IP or IP range).
  10. Copy-paste the IP address or the subnet type -> click Next -> select Protocol Type as Any -> Next -> Finish.


In today’s fix article we explored how to block an IP or IP range on a Windows server quickly. We hope the guide was easy to follow, and that it managed to solve your issue.

Please feel free to let us know if it did by using the comment section found below this article.


More about the topics: windows 10, windows server