How can I restrict windows 7 to only use the local subnet, but block the internet

networking windows firewall windows-7 home-networking

Solution 1:

Option #1 (Windows Firewall rules)

You could create a firewall rule to block these connections. Follow these steps:

Change the default firewall behavior to block outbound network connections:

  1. Enter "firewall" from the Start search and open "Windows Firewall with Advanced Security".
  2. Notice which firewall profile is active. It says "... is active" in the overview list.
  3. Click on Windows Firewall Properties
  4. Change state for Outbound connections for the active profile to Block.
  5. Click OK to apply.

Create a firewall rule to allow local network outbound connections:

  1. Go to Outbound Rules and select New Rule... from the Actions in the right pane.

  2. Rule type should be Custom:

  3. Go to the Scope step and for the remote IP address, select these IP addresses, then Add.., then Predefined set of computers and finally Local Subnet.

  4. Go to Name step, enter name of "Allow local Subnet" and click Finish.

You're done configuring it!

Control via script

To block all outbound Internet traffic:

netsh advfirewall set currentprofile firewallpolicy blockinbound,blockoutbound

To allow all outbound Internet traffic

netsh advfirewall set currentprofile firewallpolicy blockinbound,allowoutbound

Option #2 (Specialized software)

If you are trying to block Internet access as a result of excessive Internet usage, there is specialized software that can block all Internet access when monthly or daily Internet traffic exceeds pre-defined maximum. Local network access is still allowed, though. One such program is DU Meter, which also has many other bells and whistles related to Internet bandwidth management on Windows computer.

Disclaimer: I'm the author of DU Meter.

Solution 2:

If you disable DHCP then set an IP address and subnet mask but leave default gateway blank, then your computer will be unable to access outside the local network.

If someone is an administrator over the local machine, they would be able to reverse this if they were trying, but if that isn't a concern then this should work.

Solution 3:

If you're working through the GUI in Windows 8.x:

  1. set the Scope of the Local IP address to "Any IP address"

  2. set the Remote IP address to "These IP addresses"

  3. select "Internet" under the list of "Predefined set of computers"

    Make sure to check the correct profile that is assigned to the network card that you want this rule to work on. Lastly:

  4. check that the rule is enabled

  5. set the Action to "Block the connection"

    The rule is active immediately

Related

Why does Windows still have the BSOD on Ctrl+Scroll+Scroll "feature"?
How to unmark an NTFS cluster as bad?
Google Chrome command line switches
How do I set the desktop background on Windows from a script?
Windows refuses to remember network share credentials
How to clear all Windows event log categories fast
How to compare mp3, flac audio data in a file, ignoring header data (ID3 tag) etc.?
How to identify what slot type a particular PC card is? [closed]
On OS X, how do you change a file's "Kind"?
Extract first page from multiple pdfs
Best Mac OS X DVD Ripper [closed]
Where and how can I view skype logs (Chat and Voice history)?