Goeip Exclusion list won't apply on fw base access rule with custom country list
sfournier
Newbie ✭
I have a fw access rule with GEOIP filter enable with custom country list instead of using global country lis which is to wide.
I won't allow US on incoming connection, but I want to allow one IP in US.
I created the object and added it to GEOIP, exclusion list.
Still, FW blocks it.
If I add US to my custom list, user can connect.
But adding US to my custom list is ti wide open.
Any idea why it won't take note of the exclusion IP?
Category: Firewall Security Services
0
Best Answer
-
TKWITS Community Legend ✭✭✭✭✭
Custom GEO lists in Access Rules do not allow for exclusions and take precedence over the global settings.
So either you use the global settings only, or allow US in the Access Rule GEO list.
0
Answers
So as I get it, it is a normal behaviour.
Tanks for the quick feedback!!