The geolocation database included with the CloudGen Firewall can match the IP address and network to the country it was issued to. This enables you to create access rules based on the physical location of the source or destination. Lists of countries or regions are combined in a reusable network object. Geolocation network objects are updated from the update servers and with every firmware release.
Create a Network Object
Create a network object and include all countries you want to use for your access rule.
- Go to CONFIGURATION > Configuration Tree > Box > Assigned Services > Firewall > Forwarding Rules.
In the left menu, click on Networks.
Right-click in the main area and select New. The Edit/Create Network Object window will open.
Enter a Name.
- To include or exclude a region or country:
- Click the globe icon either in the Include or Exclude Entries section.
- In the Select Region/Country window, select the region or country.
- Click OK .
- Click the globe icon either in the Include or Exclude Entries section.
- Click Send Changes and Activate.
You can now select the geolocation network object you just created from the Source and Destination dropdown lists when creating access rules. Alternatively, you can find the network object icon in the Object Viewer in the Networks > Network Objects section.