The geolocation database included with the CloudGen Firewall can match the IP address and network to the country it was issued to. This enables you to create access rules based on the physical location of the source or destination. Lists of countries or regions are combined in a reusable network object. Geo location network objects are updated from the update servers and with every firmware release.
Create a Network Object
Create a network object and include all countries you want to use for your access rule.
- Go to CONFIGURATION > Configuration Tree > Box > Assigned Services > Firewall > Forwarding Rules.
In the left menu, click on Networks.
Right click in the main area and select New. The Edit/Create Network Object window will open.
Enter a Name.
- To include or exclude a region or country:
- Click the globe icon either in the Include or Exclude Entries section.
- In the Select Region/Country window, select the region or country.
- Click OK.
- Click the globe icon either in the Include or Exclude Entries section.
- Click Send Changes and Activate.
You can now select the geolocation network object you just created from the Source and Destination dropdown lists when creating access rules. Alternatively you can find the network object icon the Object Viewer in the Networks > Network Objects section.