I am trying to create a firewall rule in Norton Internet Security 2010 that I just can not seem to get to work. This rule is to block specific IP addresses from accessing my web server. I am running Apache on Windows 7.

This is the setting for the rule (Smart Firewall / Advanced Settings / General Rules):

• Click: Add
• Action: Block
• Connections: to and from
• Computers: Specific (an IP that attempts to search for proxy connections, also an IP and Host from my VPN as a test)
• Communications: All
• Advanced: Check marked Create a Security History log entry and Apply this rule when from NAT traversal.
• Description: Custom Block Specific IPs
• Clicked: Ok
• Moved rule to the top of the list
• Clicked Ok times 3
• Clicked X to send Norton Internet Security back to thre system tray.

I then tested this rule from another computer already connected to VPN (rule matches this host and IP) but the rule does not work. I am able to connect to my web server with out any problems at all. I checked my Apache log and I see my VPN connection logged as normal. I also see the specific IP address I am trying to block from proxy searching my web server in the logs as well.

Just for the heck of it I went back into the Smart Firewall settings and turned on Block All Network Traffic for a duration of 15 minutes. I am still able to connect to my web server from outside my network without any problems at all. I do notice that the Block All Network Traffic is blocking me from most outbound connections (e.g. can open a web page in my browser) but Apache seems to be working fine. I read that Advanced Settings (General Rules) are applied before Program Control rules are. I even went so far as to create a rule spcifically for Apache to block the IP's I am using from the General Rules and it still does not work.

Any idea what I am doing wrong?