Reference Manual


isolate - Interact with the network isolation mechanism


isolate [ifn [on | off | flag]]



The isolate command can be used to block data transfers between private networks. Machines on an isolated network can communicate with the Internet and amongst themselves, but they cannot communicate with machines on another network.

A value of 2 for argument flag also blocks access to NAT32 honeypot processes.

Untrusted machines that require Internet access but that are to have no access to local resources (such as file and printer sharing) should always be connected to an isolated private network. NAT32 then prevents those machines from accessing content and services on other local networks. In particular, those machines cannot access NAT32 itself and users cannot change NAT32 settings.

Both NAT32 and Windows retain normal access to machines on isolated private networks.

NAT32 cannot block traffic it doesn't see, such as traffic that the WinPkFilter does not pass to NAT32. This is determined by the filters installed when startup.txt runs.

allow, white, sethtx, WinPkFilter