How to block the Ip address on Zyxel usg 60 firewall

shashank Posts: 4
First Comment
 Freshman Member
edited April 2021 in Security

I need to block the local IP address on Zyxell firewall


  • PeterUK
    PeterUK Posts: 1,591
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
     Guru Member

    You want security control > policy control then add a deny rule for the IP.

    do you have a switch to the USG as if you do the USG can't deny IP routed by the switch. 

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,102
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 1000 Comments
     Guru Member
    Hi @shashank,
    Configuration as below,
    1)     Go to “Configuration > Security Policy > Policy control” and click “add” to create a rule
    2)     From = LAN1
    To   = WAN
    Source = Lan host which you want to block outgoing traffic.
    Action = deny

  • dudu
    dudu Posts: 6
    First Comment
    I need to block a list of IP's can it be done from a command line? 
  • jasailafan
    jasailafan Posts: 172
    5 Answers First Comment Friend Collector Fifth Anniversary
     Master Member
    You can create an address group object and move the list of IPs to this address group object.
    Then apply this address group object to the security policy rule. 

    Use the commands to create a bundle of IPs.
    Router> configure terminal
    Edit the list of IPs first and then copy and paste them all on console/ssh.
    address-object ip1
    address-object ip2
    address-object ip3
    address-object ip4
    address-object ip5

Security Highlight