Can I limit WMI to a specific network interface

I have a Windows Server 2012 R2 virtual machine with two network interfaces. I would like to be able to query WMI on one interface and block all WMI requests on the other. So far, no matter what I've tried, Windows Firewall will either block both interfaces or neither.

I've tried using the sources tab on the firewall rule named "Windows Management Instrumentation (WMI-In)" to specify a local address. I've also tried using PowerShell Set-NetFirewallInterfaceFilter to specify only a single interface.

I've used Wireshark to verify that the traffic is going to the expected IP addresses. I've been testing the WMI connectivity by using the PowerShell command: gwmi -computername 172.16.136.x win32_computersystem


Solution 1:

If your network interfaces and their corresponding network adapters happen to have a one-to-one relationship, then yes, you can restrict WMI to a given interface.

I'm not sure how this might be accomplished by PowerShell cmdlets but given how wildly diverse the terminology and consequently sparse the documentation can be from Microsoft regarding "the PowerShell way" (which I happen to be a massive fan of regardless of critique), I would research later. You can accomplish what you want via GUI (firewall.cpl) with the advanced dialog box.

See the screenshot for how to accomplish this:

[Screenshot: firewall with advanced security control panel applet]

For a given network profile, assuming you have configured the governing profile to your specification, you could simply check the boxes to administratively enable/disable as needed.

Cheers!
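
A PowerShell counterpart to the GUI steps in the answer above, added here as an example and not part of the original question or answer. It assumes the interface that should accept WMI has the alias 'Mgmt' (a placeholder; list the real names with Get-NetAdapter) and that the built-in rules sit in the display group 'Windows Management Instrumentation (WMI)'.

```powershell
# Run from an elevated PowerShell session on the server being restricted.
# Assumption: 'Mgmt' is a placeholder alias for the interface allowed to serve WMI.
$AllowedAlias = 'Mgmt'
# Assumption: display group of the built-in WMI rules (WMI-In, DCOM-In, ASync-In).
$Group = 'Windows Management Instrumentation (WMI)'

# Stop early if the alias does not match an existing adapter.
$null = Get-NetAdapter -Name $AllowedAlias -ErrorAction Stop

# Scope every inbound rule in the group, not only WMI-In: a rule left unscoped
# keeps accepting its traffic on all interfaces.
Get-NetFirewallRule -DisplayGroup $Group |
    Where-Object { $_.Direction -eq 'Inbound' } |
    ForEach-Object {
        Set-NetFirewallRule -Name $_.Name -InterfaceAlias $AllowedAlias -Enabled True
    }

# Read the rules back with their interface filters to confirm the result.
Get-NetFirewallRule -DisplayGroup $Group |
    Where-Object { $_.Direction -eq 'Inbound' } |
    ForEach-Object {
        $filter = $_ | Get-NetFirewallInterfaceFilter
        [pscustomobject]@{
            Rule           = $_.DisplayName
            Enabled        = $_.Enabled
            Profile        = $_.Profile
            InterfaceAlias = $filter.InterfaceAlias -join ', '
        }
    } | Format-Table -AutoSize

# An interface-scoped allow rule only blocks the other interface when the
# firewall is enabled for its profile and the default inbound action is Block.
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultInboundAction
```

If WMI still answers on the second interface afterwards, look for another enabled inbound allow rule outside this group that matches the same traffic, since any matching allow rule admits it.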