How to block the Ip address on Zyxel usg 60 firewall

shashank
shashank Posts: 4  Freshman Member
First Comment
edited April 2021 in Security
Hello,

I need to block the local IP address on Zyxell firewall

Comments

  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    You want security control > policy control then add a deny rule for the IP.

    do you have a switch to the USG as if you do the USG can't deny IP routed by the switch. 

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Hi @shashank,
    Configuration as below,
    1)     Go to “Configuration > Security Policy > Policy control” and click “add” to create a rule
    2)     From = LAN1
    To   = WAN
    Source = Lan host which you want to block outgoing traffic.
    Action = deny



  • dudu
    dudu Posts: 6  Freshman Member
    First Comment
    Hi,
    I need to block a list of IP's can it be done from a command line? 
  • jasailafan
    jasailafan Posts: 193  Master Member
    5 Answers First Comment Friend Collector Sixth Anniversary
    @dudu
    You can create an address group object and move the list of IPs to this address group object.
    Then apply this address group object to the security policy rule. 

    Use the commands to create a bundle of IPs.
    Router> configure terminal
    Edit the list of IPs first and then copy and paste them all on console/ssh.
    address-object ip1  10.1.1.1
    address-object ip2  10.1.1.2
    address-object ip3  10.1.1.3
    address-object ip4  10.1.1.4
    address-object ip5  10.1.1.5
    .......