Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1
Topic Last Modified: 2009-05-15

Use the Remove-IPAllowListEntry cmdlet to remove an IP address from the configuration information for the Connection Filter agent on the computer on which the command is run.


Remove-IPAllowListEntry -Identity <IPListEntryIdentity> [-Confirm [<SwitchParameter>]] [-Server <ServerIdParameter>] [-WhatIf [<SwitchParameter>]]


Parameter Required Type Description




You must specify the Identity parameter of the IP address that you want to remove. When you add an IP address to the IP Allow list, the Identity parameter is automatically incremented.




The Confirm parameter causes the command to pause processing and requires you to acknowledge what the command will do before processing continues. You don't have to specify a value with the Confirm parameter.




To specify a different Hub Transport server on which you run the Remove-IPAllowListEntry cmdlet, include the Server parameter in the command. If you do not use the Server parameter, the command is run on the local server where the command is run.

You cannot use this cmdlet to configure other Edge Transport servers remotely.




The WhatIf parameter instructs the command to simulate the actions that it would take on the object. By using the WhatIf parameter, you can view what changes would occur without having to apply any of those changes. You don't have to specify a value with the WhatIf parameter.

Detailed Description

If you do not specify the Identity parameter when you run the Remove-IPAllowListEntry command, the Exchange Management Shell prompts you for it.

The IP Allow List entry configuration is used by the Connection Filter agent.

To run the Remove-IPAllowListEntry cmdlet, the account you use must be delegated the following:

  • Exchange Server Administrator role and local Administrators group for the target server

To run the Remove-IPAllowListEntry cmdlet on a computer that has the Edge Transport server role installed, you must log on by using an account that is a member of the local Administrators group on that computer.

For more information about permissions, delegating roles, and the rights that are required to administer Microsoft Exchange Server 2007, see Permission Considerations.

Input Types

Return Types


Error Description



The following code examples show a Remove-IPAllowListEntry command that removes the IP address or IP address range on the IP Allow List for the computer on which the command is run.


The following example removes the IP address from the IP Allow List.

Copy Code
Get-IPAllowListEntry | Where {$_.IPRange -eq ''} | Remove-IPAllowListEntry

The following example removes the IP range from the IP Allow List.

Copy Code
Get-IPAllowListEntry | Where {$_.IPRange -eq ''} | Remove-IPAllowListEntry
You must specify the Identity attribute of an IP Allow List entry when using the Remove-IPAllowListEntry command. The Identity attribute is an integer value that is automatically assigned when the IP Allow List entry is first created. To remove a specific IP address or range from the IP Allow List, you can use the output of the Get-IPAllowListEntry command.

Copy Code
Remove-IPAllowListEntry -Identity <Integer>