Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

Geo-IP Filter Not Blocking A Country

ZyxianZyxian Newbie ✭
in Firewall Security Services

Hello All.
I have a TZ370. Version SonicOS 7.1.2-7019. I have Geo-IP Filter set to block several countries on all connections.

image.png

I looked at a web log file and it shows an IP address from one of the blocked countries. I double checked where the IP is located through ARIN whois and it does show a blocked country. Even the TZ370 shows the IP is from that country.

Is there another setting that I missed setting up? Is Geo-IP Filtering broken?
Inquiring minds want to know…

Zyxian

Category: Firewall Security Services
Reply

Answers

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    I never use 'All Connections', as that means lookups are happening even for what could be 'internal' traffic crossing the firewall.

    Have you tried changing the setting to 'Firewall Rule-based connections' and enabling GEOIP on the appropriate access rules?

  • Simon_WeelSimon_Weel Enthusiast ✭✭

    I see that too. My guess is there are some IP-ranges tied to the wrong country in the firewall.

  • ZyxianZyxian Newbie ✭
    https://community.sonicwall.com/technology-and-support/discussion/comment/22597#Comment_22597

    I don't have any internal traffic. This is on my web server.

    If the Geo-IP Filter is letting traffic through on On Connections, how would switching to Firewall Rule-based Connections make it work correctly?

Sign In or Register to comment.