Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

How to block multiple IPs or websites

MarkMMarkM Newbie ✭
in Entry Level Firewalls

I currently input one IP or one website at a time into SW Firewall. I receive up to 100 IPs or website names I have to block every week which takes hours to complete.

I would like to know if there's a way to take multiple IPs or website names and import it into SW firewall.


Thank you,

Mark

Category: Entry Level Firewalls
Reply

Answers

  • SaravananSaravanan Moderator
    edited July 2021

    Hi @MARKM,

    Thank you for visiting SonicWall Community.

    There are multiple ways that this can be achieved. If you have lot of IP addresses that needs to be blocked on the SonicWall for access, then I would suggest you to block all IP's and allow only the those that you want to authorize.

    You can block the IP addresses based on access rules, Geo-IP (IP's coming from various Geo-locations). If you are using CFS to block websites, you could try the wildcard method to input the website name. For example, www.google.com points to just google website whereas wildcard domain to block all google websites is *.google.com.

    Hope this helps. Feel free to let me know for any questions.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • MgnfcntBstrdMgnfcntBstrd Newbie ✭

    Using the CLI with SSH would let you paste in blocks of info at a time.

  • SaravananSaravanan Moderator

    I don't think so @MGNFCNTBSTRD. May be you can give a try.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • MgnfcntBstrdMgnfcntBstrd Newbie ✭

    If all you have to do is add a bunch of configs, even editing in notepad and pasting into PUTTY can speed it up.

    We don't use the content filter, so I'm not sure on the syntax, but for websites, something like:

    config

    content-filter

    (config-content-filter)# uri-list-object <NAME>


    Where:


           <NAME> = URI list object name.

                Content filter URI list object name.

                Example:

                   White URI list object

                TAB for list of available parameters.


    Example:


         uri-list-object "Uri List Object Name"


    *************For blocking IPs:

    config(XXXXXNSA4650)# access-rule ipv4 from LAN to WAN action deny service any destination address

     any     Any address.

     fqdn    Address object full qualified domain name.

     group    Address group name.

     host    Address object host.

     mac     Address object mac.

     name    Address object name.

     network   Address object network.

     range    Address object range.

  • AjishlalAjishlal Community Legend ✭✭✭✭✭

    Hi @MarkM

    Follow the below KB for bulk address object creation.

    https://www.sonicwall.com/support/knowledge-base/how-can-i-create-address-objects-and-groups-in-command-line-interface-cli-for-5-8-and-below/170505852108153/


  • MarkMMarkM Newbie ✭

    Thank you everyone, I appreciate your info.


    Sincerely,

    MarkM

Sign In or Register to comment.