Hi We have several websites on a web server with one IP address. is it possible to use geobloking with fortigate to one website on the server? the other websites should not be affected.
Regards.
Andy
Fortigate 500E HA Fortimail 200 Fortimanager
FortiEMS
FortiSandbox 1000D
FortiSwitch Network Some other Models in use :-) ---------------------------------------------------- FCSE ----------------------------------------------------
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Sorry about that, I misunderstood the question. Dave is correct, you'll have to give that website a unique IP to use Geoblock for inbound connections.
No, I don't think the WF is the right tool for what you are planning to do.
Geoblocking only looks at the source IP range, mapped to a country.
Webfilter only looks at the URL, and cannot be chained to another filter if the action is BLOCK. In general, WF would need to be used as a matching criterium in a policy, but a FGT can only match on addresses, ports, schedule and user.
Wait, a policy could match on an FQDN destination address. If you combine that with an country specific source address group you could create a policy which matches both to block that traffic. You could give that a try.
Could be wrong in this assumption, but it kinda looks like Andy is asking to block specified country hosts from accessing a hosted web site on a web server that is behind the fgt.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
thanks for your contributions. it is as dave suspects, the webserver is in the dmz, the webserver has several websites on one IP address and i would like to allow outside access to this page only from selected countries. I have already done some tests, but none of them have brought the solution. I will probably have to add another ip address on the server
Greets
Andy
Fortigate 500E HA Fortimail 200 Fortimanager
FortiEMS
FortiSandbox 1000D
FortiSwitch Network Some other Models in use :-) ---------------------------------------------------- FCSE ----------------------------------------------------
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1105 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.