Technical Tip: How to allow or block IP for specific country

Khidzir_MN · ‎10-27-2025

Description

This article describes how to allow or block IP addresses for a specific country.

Scope

FortiADC and FortiADC-VM.

Solution

Allow IP for a specific country.

Example:

Allow IP from Malaysia and deny IP from other countries.

Step 1: Configure the Geo IP Protection at Network Security -> Geo IP Protection

Step 2: Select the configured Geo IP Protection in Step 1 at the respective Application Profile for the respective Virtual Server under Server Load Balance -> Application Resources -> Application Profile.

Step 3: Verify from the GEO Security Log:

Block IP from a specific country.

Example:

Block IP from Malaysia and allow IP from other countries.

Step 1: Configure the Geo IP Protection under Network Security -> Geo IP Protection.

Step 2: Select the configured Geo IP Protection in Step 1 at the respective Application Profile for the respective Virtual Server under Server Load Balance -> Application Resources -> Application Profile.

Step 3: Verify from the GEO Security Log:

Related document:
Using the Geo IP block list - FortiADC 8.0.0 administration guide

Geo IP Allow List - FortiADC handbook

Technical Tip: How to allow or block IP for specific country

You are leaving our website