How can I define a null route on Windows Server 2008 R2 Standard?

Solution 1:

First, remove all routes you added previously. Then run route print and, in the first part of the output, check the interface number of the Software Loopback Interface (I guess that in your case it is not number 1).

Then add the following route:

route add x.x.x.x mask 255.255.255.255 g.g.g.g if L

Where:

  • x.x.x.x is the IP address you want to block
  • g.g.g.g is the IP address of your current default gateway
  • L is the interface number of Software Loopback Interface

Solution 2:

route -p add 172.16.0.0 mask 255.255.0.0 0.0.0.0

The destination (0.0.0.0) is the "unconfigured" IP address, or a route to nowhere. As a result, the host will not be able to communicate with anything in the private address block 172.16.0.0/16. If you have another route that is more specific in that same address range, the more specific route takes precedence. For example, also having this route:

route -p add 172.16.20.0 mask 255.255.255.0 (gateway ip)

...would allow the host to communicate with any IP address in this range (172.16.20.0/24) but continue to block any other address in 172.16.0.0/16.

Poor man's firewall...
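
The longest-prefix selection that Solution 2 relies on can be modelled offline. The following is an added example, not part of either answer: it treats a 0.0.0.0 gateway as "blocked", as Solution 2 describes, and also lists every forwarding route that carves an exception out of a null route, which is the thing to audit on a host blocked this way. The default route and both non-zero gateway addresses are constructed placeholders, and route metrics are ignored.

```python
import ipaddress

NULL_GATEWAY = "0.0.0.0"  # Solution 2's "route to nowhere"

# Constructed table: the two routes from Solution 2 plus a default route.
# 192.0.2.1 and 192.0.2.254 are placeholder gateways, not from the page.
ROUTES = [
    ("0.0.0.0/0", "192.0.2.1"),
    ("172.16.0.0/16", NULL_GATEWAY),
    ("172.16.20.0/24", "192.0.2.254"),
]

def parse_routes(routes):
    """Turn (prefix, gateway) strings into (ip_network, gateway) pairs."""
    return [(ipaddress.ip_network(prefix), gw) for prefix, gw in routes]

def select_route(dest, routes):
    """Return the matching route with the longest prefix, or None."""
    addr = ipaddress.ip_address(dest)
    matches = [(net, gw) for net, gw in parse_routes(routes) if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda route: route[0].prefixlen)

def verdict(dest, routes=ROUTES):
    """Describe what happens to traffic for dest under this model."""
    route = select_route(dest, routes)
    if route is None:
        return "unreachable"
    _, gw = route
    return "blocked" if gw == NULL_GATEWAY else f"forwarded via {gw}"

def exceptions_to_null_routes(routes):
    """List forwarding routes nested inside a null-routed prefix."""
    parsed = parse_routes(routes)
    nulls = [net for net, gw in parsed if gw == NULL_GATEWAY]
    return [
        (str(net), gw)
        for net, gw in parsed
        if gw != NULL_GATEWAY and any(net != z and net.subnet_of(z) for z in nulls)
    ]

if __name__ == "__main__":
    for dest in ("172.16.5.9", "172.16.20.7", "198.51.100.7"):
        print(f"{dest:15} {verdict(dest)}")
    print("exceptions:", exceptions_to_null_routes(ROUTES))
```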