I want to block all internet connections to and from my windows 7 machine, but allow it to access everything on the local network. The local network is behind an Apple Airport Extreme.
What is the easiest way to do this?
I want to block all internet connections to and from my windows 7 machine, but allow it to access everything on the local network. The local network is behind an Apple Airport Extreme.
What is the easiest way to do this?
You could create a firewall rule to block these connections. Follow these steps:
Windows Firewall Properties
Block
.Go to Outbound Rules
and select New Rule...
from the Actions in the right pane.
Rule type should be Custom
:
Go to the Scope
step and for the remote IP address, select these IP addresses
, then Add..
, then Predefined set of computers
and finally Local Subnet
.
Go to Name
step, enter name of "Allow local Subnet" and click Finish.
You're done configuring it!
To block all outbound Internet traffic:
netsh advfirewall set currentprofile firewallpolicy blockinbound,blockoutbound
To allow all outbound Internet traffic
netsh advfirewall set currentprofile firewallpolicy blockinbound,allowoutbound
If you are trying to block Internet access as a result of excessive Internet usage, there is specialized software that can block all Internet access when monthly or daily Internet traffic exceeds pre-defined maximum. Local network access is still allowed, though. One such program is DU Meter, which also has many other bells and whistles related to Internet bandwidth management on Windows computer.
Disclaimer: I'm the author of DU Meter.
If you disable DHCP then set an IP address and subnet mask but leave default gateway blank, then your computer will be unable to access outside the local network.
If someone is an administrator over the local machine, they would be able to reverse this if they were trying, but if that isn't a concern then this should work.
If you're working through the GUI in Windows 8.x:
set the Scope of the Local IP address to "Any IP address"
set the Remote IP address to "These IP addresses"
select "Internet" under the list of "Predefined set of computers"
Make sure to check the correct profile that is assigned to the network card that you want this rule to work on. Lastly:
check that the rule is enabled
set the Action to "Block the connection"
The rule is active immediately