To ALLOW ONLY Specific Network To Access:
There is a underlying policy's under the policies: deny all what we need to do is create the explicit allow policies
what we need to do:
-
under the inbound scope:
-
disable all of other allow rules or connections will still make it through from them
-
run the command below
netsh advfirewall firewall add rule name="Allow from Internal Access" dir=in action=allow protocol=ANY remoteip=172.16.11.0/24172.16.15.0/24 172.16.10.0/24 172.16.30.0/24 Or powershell:New-NetFirewallRule -Name Allow192.0.2.55 -DisplayName 'Allow from 192.0.2.55' -Enabled True -Direction Inbound -Protocol ANY -Action Allow -Profile ANY -RemoteAddress 172.16.15.0/24 -
Restart the Firewall service after creating the rules
