
Can I use geo blocking for a specific NAT rule?

I'm using a Sophos SG230 with the latest version of UTM 9.

I have a NAT rule routing HTTPS traffic hitting a specific external IP to one of our servers. Currently it allows traffic from any IP address through, since it could be accessed by users from their home PCs, phones, etc. However, I would like to lock it down as much as possible since the server is now being hit with a lot of attempted connections from known compromised IP addresses.

I don't really want to turn on geo blocking in the firewall settings since that blocks all traffic by default and there would be too many exceptions to set up.

Is there a way I can add to the NAT rule that it should only apply to UK addresses rather than using the "any" selector?

Thanks.



This thread was automatically locked due to age.
  • I'm doing something similar in pfSense, but with US-based IPs. Specifically for the mail server, I wanted to only allow connections from US-based MTAs. This was possible using pfBlockerNG. An alias was defined for the selected country. Then for the actual DNAT rule, only traffic originating from that alias is allowed to port 25 (SMTP). There's a secondary MX on a third-party host that picks up mail the primary MX declines. You can add all sorts of lists in various formats.

  • Thank you, this sounds like exactly what I need! I will look into pfSense!
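
The approach described in the pfSense reply above (a country alias used as the source of the port-forward instead of "any"), written as a plain FreeBSD pf.conf fragment. This is an added example, not configuration from the thread and not what pfSense or pfBlockerNG generates; the interface name, addresses, table name and file path are placeholders.

```pf
# --- Macros (all values are constructed placeholders) ---
ext_if   = "em0"            # WAN interface
ext_ip   = "203.0.113.10"   # external address the service is published on
mail_srv = "10.0.0.25"      # internal mail server

# --- Table: the "country alias" ---
# One CIDR per line in the file; refreshed out of band from whatever
# country-to-CIDR source you trust, then reloaded with:
#   pfctl -t allowed_country -T replace -f /etc/pf.tables/allowed_country.txt
table <allowed_country> persist file "/etc/pf.tables/allowed_country.txt"

# --- Translation ---
# Open form, for comparison (forwards from any source):
#   rdr on $ext_if inet proto tcp from any to $ext_ip port 25 -> $mail_srv port 25
# Restricted form: only sources in the table are translated at all.
rdr on $ext_if inet proto tcp from <allowed_country> to $ext_ip port 25 \
    -> $mail_srv port 25

# --- Filtering ---
# rdr is applied before filtering, so these rules match the translated
# destination. Everything else aimed at the server's SMTP port is dropped
# and logged, which gives a record of what the restriction is rejecting.
block in log on $ext_if inet proto tcp to $mail_srv port 25
pass in quick on $ext_if inet proto tcp from <allowed_country> \
    to $mail_srv port 25 flags S/SA keep state
```

Country-to-CIDR lists drift and do not account for VPNs or cloud-hosted senders, so review the `block ... log` output after deployment to see whether legitimate sources are being rejected.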
