Geoblocking to one URL

Forum|Forum|6 years ago
March 23, 2020
1 reply
6714 views

Hi We have several websites on a web server with one IP address. is it possible to use geobloking with fortigate to one website on the server? the other websites should not be affected.

Regards.

Andy

Paul_W_Crane_FTNT

Staff

Sorry about that, I misunderstood the question. Dave is correct, you'll have to give that website a unique IP to use Geoblock for inbound connections.

ede_pfau

SuperUser

No, I don't think the WF is the right tool for what you are planning to do.

Geoblocking only looks at the source IP range, mapped to a country.

Webfilter only looks at the URL, and cannot be chained to another filter if the action is BLOCK. In general, WF would need to be used as a matching criterium in a policy, but a FGT can only match on addresses, ports, schedule and user.

Wait, a policy could match on an FQDN destination address. If you combine that with an country specific source address group you could create a policy which matches both to block that traffic. You could give that a try.

Dave_Hall

New Member

Could be wrong in this assumption, but it kinda looks like Andy is asking to block specified country hosts from accessing a hosted web site on a web server that is behind the fgt.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded