Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 9480 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to block country or certain IP address from trying Cisco VPN service

VuNguyen

Hi everyone,

Is there a way for me to block certain country or IP address from trying to access Cisco VPN Client service I have enable?

I'm running SFVH (SFOS 15.01.0 MR-3)

I have country block rule but doesn't look like it's working.

Thank you.



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    Configure a non-HTTP based business application rule, which defines :

    Source Host- Country Host

    Hosted Server host - WAN

    Hosted Address - WAN address

    Protected Zone : LAN

    Protected Application Server: Any dummy IP address to map/blackhole the IP requests

    Port Forwarding: Define all the ports used by Cisco VPN services.

    This will map all the requests hitting on WAN address using the Cisco VPN ports from a specific country shall be mapped to a dummy IP address.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    Hi Sachigurung,

    This is a work around instead of proper Country blocking.

    I have a country block rule enable but it doesn't seem to work.

    Is there a fix in the future?

    Thank you.

  • 0 in reply to VuNguyen

    Hi,

    Yes, our Development team is working a fix to this issue. It will be made available soon.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Reply Children
No Data
Cookie Information Banner