I have a list of ranges I need allowed.
http://nzip.meta.net.nz/files/nzip/nzsubnets.txt
Is there an easy way to only allow these ranges in IIS? It can be done in
Apache using the allow/deny, but there doesn't seem to be an easy way to do
it in IIS.
Thanks
Yes
there is an option to Allow all addresses except
and an option to Deny all addresses except
If you want to configure this in the GUI then IIS Manager -> right-click on
the website/application/folder/file you wish to protect -> Directory
Security Tab -> IP address and Domain Name restrictions -> select "By
default all computers will be denied access except..." and enter your list
of IP address and/or IP networks.
You can also do this from the command line if you wish.
Cheers
Ken
--
My IIS Blog: www.adOpenStatic.com/cs/blogs/ken
"infused"
news:ugy%23S31KIHA.5980@TK2MSFTNGP04.phx.gbl...
>I have a list of ranges I need allowed.
>
> http://nzip.meta.net.nz/files/nzip/nzsubnets.txt
>
> Is there an easy way to only allow these ranges in IIS? It can be done in
> Apache using the allow/deny, but there doesn't seem to be an easy way to
> do it in IIS.
>
> Thanks
Hi Ken,
Yep, I know how to do it from the gui... only there are about 300 entries.
Is there a way i can import these from a file?
Thanks
"Ken Schaefer"
news:OTjejB2KIHA.4752@TK2MSFTNGP05.phx.gbl...
> Yes
>
> there is an option to Allow all addresses except
> and an option to Deny all addresses except
>
> If you want to configure this in the GUI then IIS Manager -> right-click
> on the website/application/folder/file you wish to protect -> Directory
> Security Tab -> IP address and Domain Name restrictions -> select "By
> default all computers will be denied access except..." and enter your list
> of IP address and/or IP networks.
>
> You can also do this from the command line if you wish.
>
> Cheers
> Ken
>
> --
> My IIS Blog: www.adOpenStatic.com/cs/blogs/ken
>
>
> "infused"
> news:ugy%23S31KIHA.5980@TK2MSFTNGP04.phx.gbl...
>>I have a list of ranges I need allowed.
>>
>> http://nzip.meta.net.nz/files/nzip/nzsubnets.txt
>>
>> Is there an easy way to only allow these ranges in IIS? It can be done in
>> Apache using the allow/deny, but there doesn't seem to be an easy way to
>> do it in IIS.
>>
>> Thanks
>
There are many ways you can import this from a file. Both ADSI IIS interface
and WMI can be used if you wish to write a script.
Alternatively, you can simply use a batch file to call adsutil.vbs to update
the metabase appropriately
Cheers
Ken
--
My IIS Blog: www.adOpenStatic.com/cs/blogs/ken
"infused"
news:ujk$uf2KIHA.3516@TK2MSFTNGP02.phx.gbl...
> Hi Ken,
>
> Yep, I know how to do it from the gui... only there are about 300 entries.
> Is there a way i can import these from a file?
>
> Thanks
>
> "Ken Schaefer"
> news:OTjejB2KIHA.4752@TK2MSFTNGP05.phx.gbl...
>> Yes
>>
>> there is an option to Allow all addresses except
>> and an option to Deny all addresses except
>>
>> If you want to configure this in the GUI then IIS Manager -> right-click
>> on the website/application/folder/file you wish to protect -> Directory
>> Security Tab -> IP address and Domain Name restrictions -> select "By
>> default all computers will be denied access except..." and enter your
>> list of IP address and/or IP networks.
>>
>> You can also do this from the command line if you wish.
>>
>> Cheers
>> Ken
>>
>> --
>> My IIS Blog: www.adOpenStatic.com/cs/blogs/ken
>>
>>
>> "infused"
>> news:ugy%23S31KIHA.5980@TK2MSFTNGP04.phx.gbl...
>>>I have a list of ranges I need allowed.
>>>
>>> http://nzip.meta.net.nz/files/nzip/nzsubnets.txt
>>>
>>> Is there an easy way to only allow these ranges in IIS? It can be done
>>> in Apache using the allow/deny, but there doesn't seem to be an easy way
>>> to do it in IIS.
>>>
>>> Thanks
>>
>
Hi Ken,
I've tried to find an examle of the sort of command one would run but don't
seem to be having much luck. Is it possible to provide me with a quick
example?
Thanks
"Ken Schaefer"
news:eWp5Hy2KIHA.3848@TK2MSFTNGP05.phx.gbl...
> There are many ways you can import this from a file. Both ADSI IIS
> interface and WMI can be used if you wish to write a script.
>
> Alternatively, you can simply use a batch file to call adsutil.vbs to
> update the metabase appropriately
>
> Cheers
> Ken
>
> --
> My IIS Blog: www.adOpenStatic.com/cs/blogs/ken
>
>
> "infused"
> news:ujk$uf2KIHA.3516@TK2MSFTNGP02.phx.gbl...
>> Hi Ken,
>>
>> Yep, I know how to do it from the gui... only there are about 300
>> entries. Is there a way i can import these from a file?
>>
>> Thanks
>>
>> "Ken Schaefer"
>> news:OTjejB2KIHA.4752@TK2MSFTNGP05.phx.gbl...
>>> Yes
>>>
>>> there is an option to Allow all addresses except
>>> subnets> and an option to Deny all addresses except
>>> subnets>
>>>
>>> If you want to configure this in the GUI then IIS Manager -> right-click
>>> on the website/application/folder/file you wish to protect -> Directory
>>> Security Tab -> IP address and Domain Name restrictions -> select "By
>>> default all computers will be denied access except..." and enter your
>>> list of IP address and/or IP networks.
>>>
>>> You can also do this from the command line if you wish.
>>>
>>> Cheers
>>> Ken
>>>
>>> --
>>> My IIS Blog: www.adOpenStatic.com/cs/blogs/ken
>>>
>>>
>>> "infused"
>>> news:ugy%23S31KIHA.5980@TK2MSFTNGP04.phx.gbl...
>>>>I have a list of ranges I need allowed.
>>>>
>>>> http://nzip.meta.net.nz/files/nzip/nzsubnets.txt
>>>>
>>>> Is there an easy way to only allow these ranges in IIS? It can be done
>>>> in Apache using the allow/deny, but there doesn't seem to be an easy
>>>> way to do it in IIS.
>>>>
>>>> Thanks
>>>
>>
>