GoIP blocking USG310

Options
Aleksandar Aleksandrov
edited April 2021 in Security
Hi All,

I am receiving some SYN attacks on my site recently. They all come from different countries and every time I am blocking the country, adding a new rule.
Is there anyway that I create a rule to disable all incoming traffic, except the IPs from a certain GeoIP location? The idea is that my site is used only from 1 country and no one outside this country must be able to connect to it.

Thank you,
Aleksandar Aleksandrov

All Replies

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    Options
    @aaleksandrov
    You need to create the GEOGRAPHY address group
    Go to configuration>Object>Address/Geo IP>Address> Create profile for each region

    Go to address group to Group all regions: all_world

    Create the IP address which you want to allow

    Go to Security Policy>Create any to any, Source:all_world, Deny > Create any to any, Source:Allow_IP, Allow

  • Thank you very much.
    Unfortunately I cannot add continents.
    For example if I want to block all requests from Europe, I need to create a row for each country in the Addresses tab and then create a group with all created GeoIP addresses.
    Is there any way that I can add directly continents?


    Thank you
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    Options
    @aaleksandrov
    What firmware version are you using?
    To create address for continents, you just Go to configuration>Object>Address/Geo IP>Address>Select GEOGRAPHY on Address Type>Select continent on Region type

  • Hi,

    Thank you for update and sorry for my delay.
    The version that we currently have is 4.33. We have scheduled a firmware update.
    After we upgrade to 4.60, are we going to have the option to block/allow continents?

    Thank you,
    Aleksandar Aleksandrov

Security Highlight