UTM: How to configure SonicWALL Geo-IP Filter using Firewall Access Rules (SW9763)

Title
UTM: How to configure SonicWALL Geo-IP Filter using Firewall Access Rules
Resolution

Article Applies To:

Gen5: NSA E8500, NSA E7500, NSA E6500, NSA E5500, NSA 5000, NSA 4500, NSA 3500, NSA 2400, NSA 240
Gen5 TZ Series: TZ 210, TZ 210 Wireless,
Firmware/Software Version: SonicOS Enhanced 5.8.1.4 and above versions.
Services: Geo IP Filtering

Feature/Application:

Geo-IP Filter allows administrators to block connections coming to or from a geographic location. Prior to SonicOS 5.8.1.4, Geo-IP Filter, once enabled, was applicable to all hosts behind the SonicWALL without exception. Administrators had no option to include / exclude hosts behind the SonicWALL from Geo-IP Filter. Starting with SonicOS 5.8.1.4, SonicWALL Geo-IP Filter can be set to All or Firewall Rule-Based. Setting the option to All will block all hosts behind the SonicWALL access to locations blocked in the Geo-IP Filter main page. The Firewall Rule-based option introduces more granularity in Geo-IP Filter.

This article illustrates how to configure Firewall Rule-based Geo-IP Filter.


Procedure:
Login to the SonicWALL Management GUI
Navigate to the Security Services > Geo-IP Filter page.
Enable check-box under Block connections to/from following countries
Enable radio-button Firewall Rule-based. This will switch the filtering from All to based on access rules.
Enable check-box under Logging.
Under Geo-IP Exclusion Object select Address Object or Groups of IP addresses on the WAN to be excluded from Geo-IP Filter.
Click on Accept at the top to save the settings.

See here:

https://support.software.dell.com/kb/sw9763

Liquid Layer Networks
LiquidLayer.net