Is this how you are supposed to allow exceptions in GeoBlocking?
I'm hoping someone can either take this up with SonicWall higher-ups or set me straight on how I'm not doing things properly.
I have GeoBlocking turned on for my TZ appliance for a large part of the world that I don't believe should have access to the device, nor should I be visiting.
And yet, having this turned on "high" prevents me from getting to certain websites that are - surprisingly and mysteriously - hosted in other countries (despite listing a US address).
To find out what I have to enable, log into the SonicWall device, I go Log - Log Monitor. I take note of the IP address and country being blocked. I then open up another browser window to double-check the IP address with UltraTools to ensure the IP and country match the log, then again to obtain the IP range and associated company (if needed).
Then its back to the SonicWall, this time to Network - Address Objects - Address Objects to add this entry. And then to Address Groups to update the default GeoBlocking exclusion group.
I'm looking for a better, faster, way to do this. As a Request for Enhancement, I'd dream of a one-click that would automatically ascertain the IP and add it to the GeoBlocking group.
But, more importantly, is this the "standard" or proscribed way of poking holes in a heightened secure zone?