Whitelisted IPs
Good morning I wanted to ask how to authorize an ip to my website protected by ATP200.
My security Plicy is configured to allow only Italian addresses. I need to authorize some IPs from other countries, I added them in the allow List of the Reputation Filter/IP Reputation of the Security Service section
Is it correct or do I have to do something else
Thank you
All Replies
-
Use Geo-IP, add the necessary IP addresses indicating the country of origin, and the gateway will let them through.
There should also be an appropriate policy for switching from a global network to a local one for the necessary service.
In the object type GEOGRAPHY , region Italy. and in the policies in the source, select it for long-term access from all italy addresses
1 -
-
Ok Provo quanto descritto da @Jonatan
0 -
I think it not a good approach to add the IP address into Geo/Country in this case.
From the security operation point of view.
To add another security policy with address group object is the right way to fit that.
(1) It's more visible the full rules on the same security policy page.
(2) You can identify firewall logging by different rule number.
(3) You can easy to enable/disable rules for troubleshooting.
(4) It don't cause misuse the Geo Country object if the Country object using on the other policy.
0 -
Sorry I didn't understand well. Two criteria, one that allows only IPs from Italy and another that authorizes some IPs even if not Italian, can both coexist and do they both rule?
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight