- Click on Start and then select Run...
- Type the following into the Open field and click on OK:
mmc.exe - Click on File menu from the top and then select Add/Remove Snap-in... - See a screenshot
- Click on Add and select IP Security Policy Management then click on Add - See a screenshot
- When prompted, select Local computer and then click on Finish. Click on Close and then on OK
- From the right pane, click on IP Security Policies on Local Computer then right-click this item and select Create IP Security Policy... - See a screenshot
- A wizard should show up, click on Next to proceed with setting up the IP Security Policy that we will use to block the IP address(es)
- Insert a unique name that you can recognize for the new IP Security Policy into the Name field, in this example we will be using Block Google - See a screenshot
- Click on Next when you are done naming the IP Security Policy then click on Next once again
- If prompted, select an initial authentication method or leave Active Directory default (Kerberos V5 Protocol) ticked then click on Next
- Make sure that Edit properties is ticked and then click on Finish
- The properties of the new IP Security Policy should appear, click on Add to add a new rule in order to block the IP address(es) - See a screenshot
- Click on Next and keep This rule does not specify a tunnel ticked then click on Next - See a screenshot
- Leave All network connections ticked then click on Next
- If prompted, select an initial authentication method for the rule or leave Active Directory default (Kerberos V5 Protocol) ticked then click on Next
- Click on Add to specify a new IP filter, this is the filter that will be used by the rule to block the IP address(es) - See a screenshot
- Insert a name for the IP filter into the Name field, in this example we are going to use Block Google IPs
- Click on Add to start filtering the IP address(es) - See a screenshot
- A wizard should show up, click on Next to proceed with setting up the IP filter.
- In the Source address field, select My IP Address and click on Next - See a screenshot
- In the Destination address field, select A specific IP address
- Insert the IP address to block into the IP address field (e.g: 1.2.3.4) and click on Next
- Leave Protocol type as Any to block all connections from this IP address and click on Next. Repeat step 18-23 to add more IP addresses.
- Click on Finish then on OK to save the IP filter
- Select the IP filter you have just created to specify it as the IP filter for the rule to use and click on Next - See a screenshot
- Select Block as the filter action, if you cannot see it, click on Add and then on Next. Name the new filter action as Block, click on Next and then select Block and then click on Finish
- Click on Apply to save the new IP Security Policy and then click on OK
- Back to the Console Root, click on IP Security Policies on Local Computer from the right pane and then from the left pane right-click the IP Security Policy you have created (called Block Google in this example) and select Assign to activate it. - See a screenshot
- Congratulations! After selecting Assign your new IP Security Policy should be active and the IP addresses you have specified should be blocked - See a screenshot
Notice: If you can't find the Run... item, press these keys together at the same time:
Win+R
Notice: If you want to block a website instead, select A specific DNS Name and type the website address (google.com for example; which is also used in this example)
Notice: To deactivate an IP Security Policy, right-click the policy and select Un-assign