Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
quatloo
Explorer

Restrict Inbound Connections to Web Server to United States Source IP Addresses

Jump to solution

Hello,

I would like to only allow (whitelist) connections  from United States IP addresses to a single web server hosted behind my security gateway.  It doesn't appear to be possible using the Geo Policy in R80.30.

Does anyone know  if this is possible using Check Point?   I was considering using a dynamic object, and updating it monthly from a list of IP addresses from IP2LOCATION's website, but the US list is 239k lines in CIDR format, and I'm fairly certain the gateway isn't going to like something that long.

Does anyone have a good solution to this problem?

Thanks!

 

0 Kudos
1 Solution

Accepted Solutions
Danny
Champion
Champion

Like this with updatable objects?

image.png

View solution in original post

0 Kudos
2 Replies
Danny
Champion
Champion

Like this with updatable objects?

image.png

View solution in original post

0 Kudos
quatloo
Explorer

Yes!  Exactly like that!  Thanks so much!

0 Kudos