echo: nthelp
to: John Beckett
from: Hrvoje Mesing
date: 2004-08-27 18:22:16
subject: Re: WinXP.SP2 + IPSec.

From: "Hrvoje Mesing" 


"John Beckett"  wrote
in message news:412f0ae7.1896326{at}216.144.1.254...

> "Hrvoje Mesing"  wrote in message
> news::
>> I wanted to set Grant for just a few IPs and one subnet.
>> Everything worked OK until one computer which was not allowed normally
>> connected to the \\something\share$ which was active.
>
> I don't know, but first check would be at command prompt on the something
> computer:
>
> netstat -n
>
> Exactly what IP is connected? It should be the rogue machine that you want
> blocked. But is it?
>
> It's a while since I played with IPSec filters so I am vague, but ISTR you
> need a "catch all" rule to block access. You also have a rule to permit
> the IPs that you want. I don't think you mentioned having a block rule.


-+-

netstat -aNo (which should give me the process names too) gives nothing ==
like the I_would_like_it_to_be_blocked_computer is not connected at all,
but then again, I still see it when it is doing interaction/browsing on the
share itself.

I made a rule/s that block everything of course (I trust in: First block
everything, then open what You need) + I made exception rules which do
not catch the I_would_like_it_to_be_blocked_computer in any manner!

+ I found a new machine that can connect - fresh share mapping - with no
problem and is explicitly blocked (!).

Weird, but I must be wrong somewhere!

I will continue to Test on Mondays.

Thank You All!


-+-
M.

--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
SEEN-BY: 633/267 270
@PATH: 379/45 1 396/45 106/2000 633/267

SOURCE: echomail via fidonet.ozzmosis.com
