Hi all,
(R81.10)
We recently changed over from the legacy way of geo blocking to the recommended use of updatable objects as a rule in the access control policy.
The geo block rule is at the top off our ruleset but I think that the firewall still is allowing any IP to connect to the IKE ports (we use CP VPN) through the implied policy.
I believe with the legacy geo policy it blocked any geo IP connecting to the firewall (this was proved with the recently issue with classifying UK IP's as Russian).
Is there a way to apply the geo rules to the applied policy?
Many thanks
Rich
| User | Count |
|---|---|
| 9 | |
| 8 | |
| 6 | |
| 5 | |
| 5 | |
| 5 | |
| 4 | |
| 4 | |
| 4 | |
| 3 |
Tue 08 Jul 2025 @ 03:00 PM (CEST)
The Rise of Hybrid SASE: Beyond Cloud-Only Security Solutions EMEATue 08 Jul 2025 @ 05:00 PM (CEST)
Under the Hood: CloudGuard WAF API Security - Overview, Onboarding, and Best PracticesWed 16 Jul 2025 @ 04:00 PM (CEST)
Operationalizing Threat Intelligence, Part II: Threat Hunting & Incident ResponseWed 13 Aug 2025 @ 04:00 PM (CEST)
Operationalizing Threat Intelligence, Part III: Threat Modeling & Security PreparednessTue 08 Jul 2025 @ 03:00 PM (CEST)
The Rise of Hybrid SASE: Beyond Cloud-Only Security Solutions EMEATue 08 Jul 2025 @ 05:00 PM (CEST)
Under the Hood: CloudGuard WAF API Security - Overview, Onboarding, and Best PracticesWed 16 Jul 2025 @ 04:00 PM (CEST)
Operationalizing Threat Intelligence, Part II: Threat Hunting & Incident ResponseWed 13 Aug 2025 @ 04:00 PM (CEST)
Operationalizing Threat Intelligence, Part III: Threat Modeling & Security Preparedness
