This tutorial will guide you through the GeoIP function, which is available from v4.20 onwards!
Walkthrough Steps
After completing these steps, you will be able to block access to your USG or network for specific countries:
- Log in to the unit by entering its IP address and the credentials for an admin account (by default, username is “admin”, password is “1234”)
- Navigate to Configuration > Object > Address/Geo IP and click “Add”
- Type in a descriptive name for the object, choose “GEOGRAPHY” as the Address Type, choose the needed Country and click “OK”
- On the “Geo IP” tab above, you can update the Geo IP database, configure an automatic update schedule for the database, create your own IPv4 to Geography rules and test different IPs to see which country they belong to
- Navigate to Configuration > Security Policy > Policy Control and click “Add”
- Choose “From: any”, “To: any (Excluding ZyWall)”, the Geo IP country object for the Source and click “OK”
After setting this firewall rule to active, requests from that country to your internal networks will be blocked in future. You can enable logging for that rule to see the blocked requests in the logs under Monitor > Log.
Please note: To also block access from that country to your ZyWall itself, you need to create a second firewall rule similar to the first one, in which you define the Destination “ZyWall”.
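The following Python sketch is an added example, not part of the original article and not Zyxel code: it models first-match policy evaluation to show why a rule with “To: any (Excluding ZyWall)” still leaves the device itself reachable until the second rule is added. The lookup table, the zone name LAN1, the rule names, the action labels and the default action are assumptions made for the model.

```python
import ipaddress

# Constructed IPv4-to-geography table (documentation ranges, not real GeoIP data).
GEO_TABLE = {
    "203.0.113.0/24": "Country A",
    "198.51.100.0/24": "Country B",
}

def country_of(ip):
    """Longest-prefix lookup, comparable to testing an IP on the Geo IP tab."""
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, country in GEO_TABLE.items():
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, country)
    return best[1] if best else None

# Hypothetical rule tuples: (name, to_zone, source_country, action).
# "any_excl_zywall" stands for the article's "To: any (Excluding ZyWall)".
RULE_NETWORK = ("geo-block-network", "any_excl_zywall", "Country A", "deny")
RULE_DEVICE = ("geo-block-device", "ZyWall", "Country A", "deny")

def zone_matches(rule_zone, dst_zone):
    """The first rule covers every destination zone except the device itself."""
    if rule_zone == "any_excl_zywall":
        return dst_zone != "ZyWall"
    return rule_zone == dst_zone

def evaluate(rules, src_ip, dst_zone, default="allow"):
    """First matching rule wins. The default stands in for whatever
    lower-priority rules would permit (an assumption of this model)."""
    src_country = country_of(src_ip)
    for name, to_zone, country, action in rules:
        if zone_matches(to_zone, dst_zone) and src_country == country:
            return action, name
    return default, "default"

if __name__ == "__main__":
    for rules in ([RULE_NETWORK], [RULE_NETWORK, RULE_DEVICE]):
        for zone in ("LAN1", "ZyWall"):
            print(len(rules), "rule(s):", zone, evaluate(rules, "203.0.113.7", zone))
```
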
KB-00045
Comments
Why can't I create an address group by GEO-IP??????