Jump to content
Kaspersky Support Forum

Block all in coming and outgoing packets except from a single IP

Zaheer Ahmed

By Zaheer Ahmed
in Kaspersky Internet Security

 Share
Go to solution Solved by Wesly.Zhang,

Recommended Posts

Zaheer Ahmed

Zaheer Ahmed

Posted
  • Author
Posted

I have installed Kasper Internet Security and configured the firewall to allow incoming/outgoing connection from a single IP.  But it is not working, I cannot access the system from the IP which is allowed access.  Here are the screen shots of my configuration :

 

Zaheer Ahmed

Zaheer Ahmed

Posted
  • Author
Posted

Thanks for a quick reply.  Network is already marked as trusted, but still same issue.

 

andrew75

andrew75

Posted
Posted

@Zaheer Ahmed, describe the problem in more detail please.

By your rule you allow all incoming and outgoing packets from the address 192.168.1.51 to the address 192.168.1.51

Zaheer Ahmed

Zaheer Ahmed

Posted
  • Author
Posted

What I am trying to achieve is to block a computer from internal/external (LAN/Internet) network access.  I want to copy to/from files in a shared folder on this PC from another PC with a fixed IP address.  No other PC on LAN should be able to access this PC and similarly this PC should not be able to access any other PC on LAN.

I am using Windows 10 Pro.  And the PC with IP address 192.168.1.51 is not able to access this PC with above settings.

When I allow Any Network Activity in Firewall, then I am able to access the PC.  But in that case all other PCs also can access the files in shared folder.

andrew75

andrew75

Posted
Posted

@Zaheer Ahmed you must create two rules on the computer with ip 192.168.1.14 and place them at the top of the list.

1.

 

2.

 

The 1st rule allows access from the address 192.168.1.51
The 2nd rule denies access from the local network.

Zaheer Ahmed

Zaheer Ahmed

Posted
  • Author
Posted

@Zaheer Ahmed you must create two rules on the computer with ip 192.168.1.14 and place them at the top of the list.

1.

 

2.

 

The 1st rule allows access from the address 192.168.1.51
The 2nd rule denies access from the local network.

 

After applying the above settings, I was able to access 192.168.1.14 from 192.168.1.51.
But now 192.168.1.14 is also accessible from other PCs on Network, e.g. I tried to access it from 192.168.1.53 and after giving credentials I was able to login and see shared folders.

Zaheer Ahmed

Zaheer Ahmed

Posted
  • Author
Posted

After applying the above settings, I was able to access 192.168.1.14 from 192.168.1.51.
But now 192.168.1.14 is also accessible from other PCs on Network, e.g. I tried to access it from 192.168.1.53 and after giving credentials I was able to login and see shared folders.

Here are screen shots of updated settings :

 

Wesly.Zhang

Wesly.Zhang

Posted
Posted

Hello,

In order to understand your requirement clearly. I draw a network topology. Please mark your actual requirment in this picture. Their IP address of the PC and which PC install the Kaspersky product. Which computer is the resource sharing and so on. This can help us.

 

Zaheer Ahmed

Zaheer Ahmed

Posted
  • Author
Posted

Hello,

In order to understand your requirement clearly. I draw a network topology. Please mark your actual requirment in this picture. Their IP address of the PC and which PC install the Kaspersky product. Which computer is the resource sharing and so on. This can help us.

 

Thanks for replying.

Here is the drawing of access I want.

 

harlan4096

harlan4096

Posted
Posted

I think this should be implemented without needing Kaspersky… just setting/giving password protecting network resources to all the network PCs… then give credentials (user/password) to access the shared folders only to those systems You want…

   

 

 

Wesly.Zhang

Wesly.Zhang

Posted
Posted

After applying the above settings, I was able to access 192.168.1.14 from 192.168.1.51.
But now 192.168.1.14 is also accessible from other PCs on Network, e.g. I tried to access it from 192.168.1.53 and after giving credentials I was able to login and see shared folders.

Here are screen shots of updated settings :

 


Hello, @Zaheer Ahmed 

I think the second screenshot you should set firewall rule as below:

 

It worked?

Regards.

Zaheer Ahmed

Zaheer Ahmed

Posted
  • Author
Posted

After applying the above settings, I was able to access 192.168.1.14 from 192.168.1.51.
But now 192.168.1.14 is also accessible from other PCs on Network, e.g. I tried to access it from 192.168.1.53 and after giving credentials I was able to login and see shared folders.

Here are screen shots of updated settings :

 


Hello, @Zaheer Ahmed 

I think the second screenshot you should set firewall rule as below:

 

It worked?

Regards.

No.  Applying these settings, I was unable to connect from 192.168.1.51 or from any other PC

Zaheer Ahmed

Zaheer Ahmed

Posted
  • Author
Posted

I think this should be implemented without needing Kaspersky… just setting/giving password protecting network resources to all the network PCs… then give credentials (user/password) to access the shared folders only to those systems You want…

   

 

 

Kaspersky firewall DOES provide this facility.   Isn’t it better to configure a single PC ?

  • Solution
Wesly.Zhang

Wesly.Zhang

Posted
  • Solution
Posted

Hello, @Zaheer Ahmed 

I create a test envirment. My Physical host machine IP address is 192.168.1.7. MY VM machine IP address is 192.168.1.9. The all in one same network segment and the router LAN IP is 192.168.1.1.

I install KIS 2021 beta in VM machine (192.168.1.9). I am now testing this build. So I can not install KIS 2020, But I think the firewall behavior is the same.

I creat two rules in packet filter rules and modify the rules sequence as below:

Then using Physical host machine “Ping 192.168.1.9”. The result is as below: It is OK.

And then using VM machine “Ping 192.168.1.7”. The result is as below: It is OK to 192.168.1.7 and block to access 192.168.1.8. The behavior is as expect.

Do you also have this behavior? Please reply the result from you.

Zaheer Ahmed

Zaheer Ahmed

Posted
  • Author
Posted

Hello, @Zaheer Ahmed 

I create a test envirment. My Physical host machine IP address is 192.168.1.7. MY VM machine IP address is 192.168.1.9. The all in one same network segment and the router LAN IP is 192.168.1.1.

I install KIS 2021 beta in VM machine (192.168.1.9). I am now testing this build. So I can not install KIS 2020, But I think the firewall behavior is the same.

I creat two rules in packet filter rules and modify the rules sequence as below:

Then using Physical host machine “Ping 192.168.1.9”. The result is as below: It is OK.

And then using VM machine “Ping 192.168.1.7”. The result is as below: It is OK to 192.168.1.7 and block to access 192.168.1.8. The behavior is as expect.

Do you also have this behavior? Please reply the result from you.

Thanks alot.  Yes its working now.  I think I was missing the sequence.  2 & 3 were after 4 in my settings.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...