How can I block an IP address using access rules?
Simon_Weel
Enthusiast ✭✭
That's the title of this article:
How can I block an IP address using access rules? | SonicWall
Reading the article, it seems to me access isn't blocked at all - it is granted? Am I wrong?
Category: Mid Range Firewalls
0
Answers
Based on the screenshot they provided yes. A more thorough KB would be:
https://www.sonicwall.com/support/knowledge-base/how-to-configure-access-rules/210531012212553
My client has a similar need to block IP addresses. So, we created an Address Object Group (we named it WAN IP Blacklist) and then created as many individual Address Objects of Type=Host, Zone=WAN for the IP addresses you want to block. Then add the Host/WAN address objects to the previously created Address Object Group.
Then we created two "Deny" Access Rules:
WAN > LAN, Source=the Address Object Group created above, Destination=Any, Service=Any, Action=Deny
WAN > WAN, same config as WAN > LAN.
Make sure the priorities of the Access Rules are set so they are processed first for their respective zones.
"I also thought by default all traffic is dropped unless a rule is created?"
Sonicwalls are implicit deny, so your statement is correct.