Upgrading ipseccmd script (XP) to WIndows 7 using netsh

Question

Current script:

cd "%ProgramFiles%\Support Tools"
ipseccmd -w REG -p "IGA-B-Gone" -r "Block Outbound connections to IGA servers 72.3.184.144/28" -f 0=72.3.184.144/255.255.255.240::TCP -n BLOCK -x
ipseccmd -w REG -p "IGA-B-Gone" -r "Block Outbound connections to IGA servers 72.32.5.0/28" -f 0=72.32.5.0/255.255.255.240::TCP -n BLOCK -x
net stop policyagent
net start policyagent

I notice Windows 7 (and Vista) does not use ipseccmd but has netsh instead. I am unfamiliar with this tool how can I use it to block IP ranges?

score 2 · Answer 1 · answered Jul 05 '11 at 21:13

I think you want the netsh advfirewall firewall add rule command.

http://technet.microsoft.com/en-us/library/cc771920(WS.10).aspx

You can set Inbound and Outbound rules that filter by IP there. You can make a custom rule once in the GUI and then use show rule name ="blah" to get a good idea what they set when you configure it.

Upgrading ipseccmd script (XP) to WIndows 7 using netsh

1 Answers1