Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 4 subscribers
  • Views 2787 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

prevent access

AreshAreshi

Hi,

We want to block the access to our internal websites from some IP address, I did follow the suggestion of our good frind BAlfson and did this:

 

Create a new DNAT Rule and there create a group that has all IP's that must be blocked then use ANY for the services and use ANY for the going to (because the WAN port has multipal IP's) and for the destnation did create a network Host with IP that is not exsit.

right now the position of the rule is down the list at number 121, should we move the rule to the Top of the DNAT rules? or just leave it there at 121 position?

 

DNAT : {group of bad IPs} -> Any -> {group of WAN (Address) objects} : to {non-existent IP}



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to sachingurung

    Hi sachingurung, 

    Thank you for the reply,

    Strange  enough I did not have to move the rule to the top of list and rule works, and access from IP is not possible.

    Is it possible to block the access to only some websites? e.i. we dont want some google robots to access some of our websites. can I block robots access to some websites and allow access to other websites?

     

    Thanks

Children