This article describes a practical approach to safeguarding the network by denying connections from IPs originating in China.
Navigate to 'System' and access 'Feature Visibility'. Confirm whether 'Local in Policy' is enabled.
Configure the local-in policy by setting the appropriate parameters:
And in the service, it is all defined, because it is necessary to block all connections coming to the firewall in any port number.
By following these steps, it is possible to effectively block connections originating from specific country IP ranges, ensuring enhanced security for the FortiGate device.