FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
evejar
Staff
Staff
Article Id 196741

Description

 

This article shows the configuration to protect a server from attacks from countries the user has no business with.

Scope

 

FortiGate.


Solution

 

First, create an address object:

Go to Policy&Object -> addresses and then select 'create' and 'new address'


2023-03-22 14_34_17-FortiGate - FG3H — Mozilla Firefox.png

 

Name: Choose a name
Type: Select 'Geography'
Country: Select the country to block
 
Do this for all the countries to block.
 
Then, create a group for these countries that need to be blocked.
 
Select 'create' and 'new address group'
 
2023-03-22 14_43_25-FortiGate - FG3H — Mozilla Firefox.png

 

The last thing to do is to create a policy.
Go to Policy & Object -> IPv4 Policy
 
Create a policy that blocks the traffic from the countries to your resources (like servers in your DMZ) that need to be protected.
 
Once this rule is created, the traffic from that countries will be blocked (this is to protect the server only, it does not block the internet).

 

Related Articles:

Identity-based-route

Technical Note: How FortiGate can block Duolingo in different ways. Blocks web application.

Technical Note: Disconnecting a member from a cluster

Technical Tip: Commands to verify GeoIP information and troubleshoot GeoIP database