USG FLEX H Series [Firewall] - How to use the Geo-IP feature?

This tutorial is designed to walk you through the Geo-IP function. We'll explore the process of restricting access to your device from specific countries or regions. Additionally, we'll delve into how to prevent access from your local network to resources situated in specific geographic areas.

The configuration example below shows how to block traffic from a specific country. In our example, North Korea is the country we want to block.

Disclaimer! This article offers a general overview of the series and may not apply uniformly to every model or software/firmware version. Before purchasing or using the device, please consult the model/version-specific documentation or reach out to technical support for accurate information.

  • Navigate to the Web GUI of your device
  • Go to Object > Address
  • Click "Add"
  • Type in a descriptive name for the object, choose “GEOGRAPHY” as the Address Type, choose the needed country, and click “Apply”

The next step is to create an appropriate rule to block access.


Blocking traffic from a specific country to our device

Go to Security Policy > Policy Control and click "Add"

Select:

  • From: any
  • To: any (Excluding ZyWall)
  • Geo IP country object for "Source"
  • Select Action:  "Deny"
  • Click "Apply"


Block access from the local network to resources located in a specific country

Go to Security Policy > Policy Control and click "Add"

Select:

  • From: any
  • To: any (Excluding ZyWall)
  • Geo IP country object for "Destination"
  • Select Action:  "Deny"
  • Click "Apply"


After this firewall rule is set to active, requests from that country to your internal networks will be blocked. You can enable logging for the rule and view the resulting entries under Log & Report > Log / Event.

 
