deny access to ECP

ALAHMADI, TURKI YOUSEF S 1 Reputation point
2021-09-29T18:23:20.957+00:00

Hi,

How to deny access to ECP virtual directory for specific IP address only like (Bad IP)

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,481 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Yuki Sun-MSFT 41,011 Reputation points
    2021-09-30T03:51:13.407+00:00

    Hi @ALAHMADI, TURKI YOUSEF S

    How to deny access to ECP virtual directory for specific IP address only like (Bad IP)

    If you are running Exchange 2019 or Exchange Online, you can use Client Access Rules to block client access to the EAC(or ECP) based on specific IP addresses. For instance, the command below can be used to create a new Client Access Rule named "Restrict ECP Access" that blocks access to the Exchange admin center for clients in the IP addresses 192.168.1.1 and 192.168.1.2:

    New-ClientAccessRule -Name "Restrict ECP Access" -Action DenyAccess -AnyOfProtocols ExchangeAdminCenter -AnyOfClientIPAddressesOrRanges 192.168.1.1,192.168.1.2 -Priority 1  
    

    For more information, see Client Access Rules in Exchange Server.

    If you are running other versions of Exchange server where Client Access rule is not available, then you could install "IP and Domain Restrictions" role and set up restrict EAC in IIS. For more details, see: Adding IP Security.
    136489-1.png
    136448-2.png


    If an Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments