How to block the Ip address on Zyxel usg 60 firewall

shashank
shashank Posts: 4
First Comment
 Freshman Member
edited April 2021 in Security
Hello,

I need to block the local IP address on Zyxell firewall

Comments

  • PeterUK
    PeterUK Posts: 1,591
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
     Guru Member

    You want security control > policy control then add a deny rule for the IP.

    do you have a switch to the USG as if you do the USG can't deny IP routed by the switch. 

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,102
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 1000 Comments
     Guru Member
    Hi @shashank,
    Configuration as below,
    1)     Go to “Configuration > Security Policy > Policy control” and click “add” to create a rule
    2)     From = LAN1
    To   = WAN
    Source = Lan host which you want to block outgoing traffic.
    Action = deny



  • dudu
    dudu Posts: 6
    First Comment
    Hi,
    I need to block a list of IP's can it be done from a command line? 
  • jasailafan
    jasailafan Posts: 172
    5 Answers First Comment Friend Collector Fifth Anniversary
     Master Member
    @dudu
    You can create an address group object and move the list of IPs to this address group object.
    Then apply this address group object to the security policy rule. 

    Use the commands to create a bundle of IPs.
    Router> configure terminal
    Edit the list of IPs first and then copy and paste them all on console/ssh.
    address-object ip1  10.1.1.1
    address-object ip2  10.1.1.2
    address-object ip3  10.1.1.3
    address-object ip4  10.1.1.4
    address-object ip5  10.1.1.5
    .......

Security Highlight