cancel
Showing results for 
Search instead for 
Did you mean: 
yerkogofes
Level 7

Apply rule " deny any " to is not ip ranges configured.

Hi team,

I need apply deny any rules (deny all traffic and any IPs) for the IP client or IP ranges that aren't in some IP-range configured in MWG.

If the client IP in not in any IPrange or IP client = BLOCK

I need apply this "deny any" in the last part of the rules.

If someone have information about this, please let me know.

DENY ANY WG.jpg

0 Kudos
1 Reply
asabban
Level 17

Re: Apply rule " deny any " to is not ip ranges configured.

Hello,

if I understand you want to have a list of IP Ranges such as

10.0.0.0/8

172.16.0.0/16

192.168.0.0/24

If a client accesses MWG from any of these IP ranges access is granted. If a client comes from an IP address that is not part of any of these ranges then block.

If that is what you want to do I would create two rules into the rule set you already made:

First Rule: Client.IP is in IP Range List "My IP Ranges" Then Stop Rule Set

Second Rule: Always Block

By doing so all clients from IP ranges listed in "My IP Ranges" do not run into the block rule. All other client IPs run into the block rule and access is denied.

Best,

Andre

0 Kudos