used here for the purpose of illustration.
Command-Line Interface
A. Create the GeolocationFilter object:
gw-world:/> add GeolocationFilter hackerland_filter
Countries=Hackerland
MatchUnknown=true
B. Next, create the IP Policy object that uses this filter:
gw-world:/> add IPPolicy SourceInterface=any
SourceNetwork=all-nets
DestinationInterface=any
DestinationNetwork=all-nets
Service=all_services
Name=lan_to_dmz
Action=Deny
Drop=Yes
SourceGeoFilter=hackerland_filter
Web Interface
A. Create the GeolocationFilter object:
1. Go to: Policies > Firewalling > Geolocation Filter > Add > Geolocation Filter
2. Now enter:
• Name: hackerland_filter
• Add the country Hackerland to the Selected list
• Enable Match unclassified networks
3. Click OK
B. Next, create the IP Policy object that uses this filter:
1. Go to: Policies > Firewalling > Add > IP Policy
2. Now enter:
• Name: drop_hackerland
• Action: Deny
• Denied Behavior: Drop
• Source Interface: any
• Source Network: all-nets
• Source Geolocation: hackerland_filter
• Destination Interface: any
• Destination Network: all-nets
• Destination Geolocation: Anywhere
Chapter 3: Fundamentals
250
To Next Page
Loading...
