How to block external IP-Address

Hello,

how can I deny the Access to our Sophos UTM for a specific external IP-Address?

Notification: "Failed SSH login attempt from 176.235.x.x"

 

I have found some discussions here, but they couldn't help.

  • Hallo Tom and welcome to the UTM Community!

    Before I answer your explicit question, let me address the underlying issue... I would recommend that you eliminate "Any" from 'Allowed Networks' in both Shell Access and WebAdmin Settings.  Put only those Hosts and DNS Hosts from where you be accessing your UTM.  Add "Internal (Network)" if you're comfortable with that.  Add your "username (User Network)" object and configure one of the Remote Access methods so that you can get to the UTM from anywhere.

    To see how to blackhole accesses from any specific IP or subnet, see #2 in Rulz.

    Cheers - Bob