Windows – why can I not managing to block an IP address in windows 7 firewall

pingwindows 7windows firewall

I pinged google

C:\Users\user>ping 216.58.211.164

Pinging 216.58.211.164 with 32 bytes of data: Reply from
216.58.211.164: bytes=32 time=41ms TTL=128

Now I want to try blocking that IP

So I created a rule..
Here are my profile settings

FW-1

Below you see the rule I created in an attempt to stop myself being able to ping that IP

FW-2

And here are screenshots showing the rule

FW-3

FW-4

FW-5

FW-6

FW-7

FW-8

Then I ping and it isn't blocked

enter image description here

Notice from the screenshots that I have chosen all protocols so it should include ICMP.

Best Answer

Possible Issues

1. Select Any Local IP Address

Unde Scope (in your last screenshot), change "Local IP Address":

  • From: "These IP Addresses" (0.0.0.0)
  • To "Any IP Address"

Firewall isn't necessarily "blocking traffic from B", it's "blocking traffic between A and B".

Where A represents your local IP addresses (since multiple IPs can bind to the same box) and B is the remote address. The sure fire way to block any traffic between your machine to the remote one is to just block all IPs from your local box.

2. Block all connections by default

Windows by default allows all outgoing connections. You need to:

  1. Go to Advanced settings of firewall
  2. Then, on the right side panel, click properties
  3. Turn on all tabs (Private/Domain/Public) for Outbound connections to block.

Be warned that it disables ALL outgoing connections, and you need to set up outgoing rules after that for any program you want that allowed to go out.

Related Question