Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

How can I block an IP address using access rules?

Simon_WeelSimon_Weel Enthusiast ✭✭
in Mid Range Firewalls

That's the title of this article:

How can I block an IP address using access rules? | SonicWall

Reading the article, it seems to me access isn't blocked at all - it is granted? Am I wrong?

Category: Mid Range Firewalls
Reply

Answers

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    Based on the screenshot they provided yes. A more thorough KB would be:

    https://www.sonicwall.com/support/knowledge-base/how-to-configure-access-rules/210531012212553

  • InTech97InTech97 Newbie ✭

    My client has a similar need to block IP addresses. So, we created an Address Object Group (we named it WAN IP Blacklist) and then created as many individual Address Objects of Type=Host, Zone=WAN for the IP addresses you want to block. Then add the Host/WAN address objects to the previously created Address Object Group.

    Then we created two "Deny" Access Rules:

    WAN > LAN, Source=the Address Object Group created above, Destination=Any, Service=Any, Action=Deny

    WAN > WAN, same config as WAN > LAN.

    Make sure the priorities of the Access Rules are set so they are processed first for their respective zones.

  • blueblue Newbie ✭
    couldn't a WAN to ANY cut on double entry? I also thought by default all traffic is dropped unless a rule is created?
  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    "I also thought by default all traffic is dropped unless a rule is created?"

    Sonicwalls are implicit deny, so your statement is correct.

Sign In or Register to comment.