1 Reply Latest reply on May 5, 2015 3:11 AM by asabban

    Apply rule " deny any " to is not ip ranges configured.

    yerkogofes

      Hi team,

      Web Gateway

      I need apply deny any rules (deny all traffic and any IPs) for the IP client or IP ranges that aren't in some IP-range configured in MWG.

      If the client IP in not in any IPrange or IP client = BLOCK

      I need apply this "deny any" in the last part of the rules.

       

      If someone have information about this, please let me know.

      DENY ANY WG.jpg

        • 1. Re: Apply rule " deny any " to is not ip ranges configured.
          asabban

          Hello,

           

          if I understand you want to have a list of IP Ranges such as

           

          10.0.0.0/8

          172.16.0.0/16

          192.168.0.0/24

           

          If a client accesses MWG from any of these IP ranges access is granted. If a client comes from an IP address that is not part of any of these ranges then block.

           

          If that is what you want to do I would create two rules into the rule set you already made:

           

          First Rule: Client.IP is in IP Range List "My IP Ranges" Then Stop Rule Set

          Second Rule: Always Block

           

          By doing so all clients from IP ranges listed in "My IP Ranges" do not run into the block rule. All other client IPs run into the block rule and access is denied.

           

          Best,

          Andre