This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9 and Countries Blocking

Hi,

Since a few days, we get a lot of network attack (packet send) from Russian's IP on our RDP port.

I have blocked Russian Federation (FROM) in Firewall -> Countries Blocking, but I still get the packet in Kaspersky event log.

Does it take some time to get active in the UTM or so ?

Thank for help.

EDIT :

I see in the firewall log that some attempts are "Country Blocked" but some just pass. I guest it came from the method the UTM is using to determine the origin country. If I enter the IP in a localisation website, it told me that it come from Russia but it seem like the UTM doesn't react the same way.

This thread was automatically locked due to age.

0 karnalta over 2 years ago

Ok it seem solved. I was missing the 2 last updates from UTM. Probably that was the cause of the wrong identification of original country.

Now, I cannot see live firewall log anymore after the update (error message popup) but I will restart it. Anyway I don't have any incoming russian packet anymore.
Cancel
Vote Up 0 Vote Down

Cancel