- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Blocking Private VPN IPs
We currently use Geoblocking to block access to external web servers from "unfriendly countries." This works quite well. However, we still receive a lot of malicious attacks from IPs from "friendly countries." The majority of these IPs originate from private VPN providers. Is there a way to block access from these IPs? Thanks.
- Labels:
-
FortiGate
- « Previous
-
- 1
- 2
- Next »
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, I did fill out the entire rule. I believe the error, "Source addresses/groups must have different IP versions than source Internet Services" was related to the fact that I was trying to add VPN-Anonymous to an existing DENY rule. I created a new DENY rule with just the VPN-Anonymous group in it, and I was able to save it. However, when I connect to my NordVPN, I am able to access all of our external websites. So the rule isn't triggering for some reason.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Then you likely need to open a ticket at TAC and get it troubleshot. It's difficult to do that over this community thread "half-duplex" conversation without getting in your FGT.
Toshi
- « Previous
-
- 1
- 2
- Next »