https://community.checkpoint.com/t5/Spark-Firewall-SMB/Limit-remote-access-connections-from-specific-public-IP/m-p/158757#M7507 <P>Yes, you are dealing with implied rules that permit access from anywhere.<BR />Disabling those rules would involve editing $FWDIR/lib/implied_rules.def on the device and issuing the command fw_configload to regenerate the policy.<BR />I do not know the precise edits one has to make on this file to achieve the precise objective you're after...or if it will even work.<BR />In terms of necessary access rules once these are disabled, it should be similar to:&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk42815&amp;partition=Advanced&amp;product=IPSec" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk42815&amp;partition=Advanced&amp;product=IPSec</A>&nbsp;</P> Tue, 04 Oct 2022 15:58:56 GMT PhoneBoy 2022-10-04T15:58:56Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/Limit-remote-access-connections-from-specific-public-IP/m-p/158755#M7506 <P>Hello,</P><P>I would like to ask for advice. Is there a way to limit remote access connections just from specific public IP on locally managed 1590? It seems like if the remote access blade is active there is an "implied" rule to accept connections from any source.</P><P>Thank you.</P><P>&nbsp;</P><P>Regards,</P><P>Tony</P> Tue, 04 Oct 2022 15:12:07 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/Limit-remote-access-connections-from-specific-public-IP/m-p/158755#M7506 tony1 2022-10-04T15:12:07Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/Limit-remote-access-connections-from-specific-public-IP/m-p/158757#M7507 <P>Yes, you are dealing with implied rules that permit access from anywhere.<BR />Disabling those rules would involve editing $FWDIR/lib/implied_rules.def on the device and issuing the command fw_configload to regenerate the policy.<BR />I do not know the precise edits one has to make on this file to achieve the precise objective you're after...or if it will even work.<BR />In terms of necessary access rules once these are disabled, it should be similar to:&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk42815&amp;partition=Advanced&amp;product=IPSec" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk42815&amp;partition=Advanced&amp;product=IPSec</A>&nbsp;</P> Tue, 04 Oct 2022 15:58:56 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/Limit-remote-access-connections-from-specific-public-IP/m-p/158757#M7507 PhoneBoy 2022-10-04T15:58:56Z