0% found this document useful (0 votes)

49 views4 pages

Technical Tip - Blocking Inbound Access From Specif... - Fortinet Community

Uploaded by

Osama Refai

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

49 views4 pages

Technical Tip - Blocking Inbound Access From Specif... - Fortinet Community

Uploaded by

Osama Refai

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 4

7/19/23, 5:41 PM Technical Tip: Blocking Inbound Access from Specif...

- Fortinet Community

 Help 

Forums  Knowledge Base  Community Groups 

FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors
and threat intelligence security services from FortiGuard labs to deliver top-
rated protection and high performance, including encrypted traffic.

This Board Search here

Fortinet Community  Knowledge Base  FortiGate  Technical Tip: Blocking Inbound Access from Specif...

jhelder
Staff

Created on

‎07-19-2023 05:11 AM

Article Id

264818

Technical Tip: Blocking Inbound Access from Specific Country IP

Ranges on FortiGate
Description This article describes a practical approach to safeguarding the network by
denying connections from IPs originating in China.
However, it is important to note that this method can be applied to block
connections from any country, providing an additional layer of defense against
potential threats. It is possible to effectively block or deny all connection
attempts originating from undesired countries.
Scope FortiGate.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Blocking-Inbound-Access-from-Specific-Country-IP/ta-p/264818 1/4
7/19/23, 5:41 PM Technical Tip: Blocking Inbound Access from Specif... - Fortinet Community

Solution 1. Verify 'Local in Policy' Enablement:

Navigate to 'System' and access 'Feature Visibility'. Confirm whether 'Local in

Policy' is enabled.

2. Proceed to 'Policy and Object' and select 'Addresses'. Choose to create a
new address object to define the IP ranges for the specific country we
wish to block.

3. Create the Local-in Policy using the CLI:

Configure the local-in policy by setting the appropriate parameters:

Specify the previously created address object as the source for the policy.
Define the desired interface and services to be affected. For instance, if 'port1'
serves as a WAN interface.
And in the service, it is all defined, because it is necessary to block all
connections coming to the firewall in any port number.

By following these steps, it is possible to effectively block connections
originating from specific country IP ranges, ensuring enhanced security for the
FortiGate device.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Blocking-Inbound-Access-from-Specific-Country-IP/ta-p/264818 2/4
7/19/23, 5:41 PM Technical Tip: Blocking Inbound Access from Specif... - Fortinet Community

49 1

Submit Article Idea

Contributors

jhelder

Jean-Philippe_P

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to
provide comprehensive cybersecurity protection for all users, devices, and applications and across
all network edges.

Social Media

SECURITY RESEARCH

Threat Research

FortiGuard Labs

Threat Map

Threat Briefs

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Blocking-Inbound-Access-from-Specific-Country-IP/ta-p/264818 3/4
7/19/23, 5:41 PM Technical Tip: Blocking Inbound Access from Specif... - Fortinet Community

Ransomware

COMPANY

About Us

Security Fabric

Exec. Mgmt

Careers

Certifications

Events

Industry Awards

Social Responsibility

NEWS & ARTICLES

News Releases

News Articles

Trademarks

Corporate

Community

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Blocking-Inbound-Access-from-Specific-Country-IP/ta-p/264818 4/4

Fortinet FCP - FortiGate 7.4 Administrator Exam Preparation
From Everand
Fortinet FCP - FortiGate 7.4 Administrator Exam Preparation
Georgio Daccache
No ratings yet
Networking Fundamentals: Develop the networking skills required to pass the Microsoft MTA Networking Fundamentals Exam 98-366
From Everand
Networking Fundamentals: Develop the networking skills required to pass the Microsoft MTA Networking Fundamentals Exam 98-366
Gordon Davies
No ratings yet
Technical Tip - How To Block Specific External
No ratings yet
Technical Tip - How To Block Specific External
3 pages
Basic Setup of FortiGate Firewall
From Everand
Basic Setup of FortiGate Firewall
Dr. Hidaia Mahmood Alassouli
No ratings yet
Basic Setup of FortiGate Firewall
From Everand
Basic Setup of FortiGate Firewall
Dr. Hidaia Mahmood Alassoulii
No ratings yet
Fortinet FCP - FortiGate 7.6 Administrator Exam Preparation
From Everand
Fortinet FCP - FortiGate 7.6 Administrator Exam Preparation
Georgio Daccache
No ratings yet
FCP - FortiGate 7.4 Admin: 499 Practice Questions to Pass the Certification Exam
From Everand
FCP - FortiGate 7.4 Admin: 499 Practice Questions to Pass the Certification Exam
Steve Brown
No ratings yet
Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT and l7-filter
From Everand
Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT and l7-filter
Lucian Gheorghe
No ratings yet
Getting Started with FortiGate
From Everand
Getting Started with FortiGate
Fabrizio Volpe
No ratings yet
Study Guide Cisco 300-915 DEVIOT Developing Solutions using Cisco IoT and Edge Platforms Exam
From Everand
Study Guide Cisco 300-915 DEVIOT Developing Solutions using Cisco IoT and Edge Platforms Exam
Anand Vemula
No ratings yet
FCSS—Enterprise Firewall 7.4 Administrator Exam Preparation
From Everand
FCSS—Enterprise Firewall 7.4 Administrator Exam Preparation
Georgio Daccache
No ratings yet
Mikrotik Firewall - Short Notes
No ratings yet
Mikrotik Firewall - Short Notes
4 pages
Technical Tip - Block Remote Users From Accessing T... - Fortinet Community
No ratings yet
Technical Tip - Block Remote Users From Accessing T... - Fortinet Community
5 pages
Block Allow IP
No ratings yet
Block Allow IP
7 pages
Connecting The Network Devices and Logging Onto The Fortigate
No ratings yet
Connecting The Network Devices and Logging Onto The Fortigate
6 pages
FCSS—Enterprise Firewall 7.6 Administrator Exam Preparation
From Everand
FCSS—Enterprise Firewall 7.6 Administrator Exam Preparation
Georgio Daccache
No ratings yet
Connecting A Private Network To The Internet Using NAT/Route Mode
No ratings yet
Connecting A Private Network To The Internet Using NAT/Route Mode
5 pages
FORTIGATE Technical Tip - Whitelist IP Addresses and URLs Usi... - Fortinet Community
No ratings yet
FORTIGATE Technical Tip - Whitelist IP Addresses and URLs Usi... - Fortinet Community
9 pages
OpenStack Networking Essentials
From Everand
OpenStack Networking Essentials
James Denton
No ratings yet
CircuitPython in Practice: Definitive Reference for Developers and Engineers
From Everand
CircuitPython in Practice: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
Rust for Network Programming and Automation, Second Edition: Work around designing networks, TCP/IP protocol, packet analysis and performance monitoring using Rust 1.68
From Everand
Rust for Network Programming and Automation, Second Edition: Work around designing networks, TCP/IP protocol, packet analysis and performance monitoring using Rust 1.68
Gilbert Stew
No ratings yet
Rust for Network Programming and Automation, Second Edition
From Everand
Rust for Network Programming and Automation, Second Edition
Gilbert Stew
No ratings yet
IoT Security Engineering
From Everand
IoT Security Engineering
MAXWELL DRAKE
No ratings yet
EtherNet/IP Engineering Guide: Definitive Reference for Developers and Engineers
From Everand
EtherNet/IP Engineering Guide: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
OpenStack Cloud Security
From Everand
OpenStack Cloud Security
Fabio Alessandro Locati
No ratings yet
Allow Ping From A Specific IP For Adminis... - Fortinet Community
No ratings yet
Allow Ping From A Specific IP For Adminis... - Fortinet Community
7 pages
The Encrypted Web: Building Secure and Invisible Networks: Networking, #1
From Everand
The Encrypted Web: Building Secure and Invisible Networks: Networking, #1
Xettaiks
No ratings yet
Palo Alto Security
From Everand
Palo Alto Security
Oliver Trent
No ratings yet
Cryptocurrency for Everyone: The Trader's Guide to Polygon (MATIC)
From Everand
Cryptocurrency for Everyone: The Trader's Guide to Polygon (MATIC)
Penelope I.
No ratings yet
Study Guide Cisco 300-730 SVPN Implementing Secure Solutions with Virtual Private Networks
From Everand
Study Guide Cisco 300-730 SVPN Implementing Secure Solutions with Virtual Private Networks
Anand Vemula
No ratings yet
Hands-On Blockchain for Python Developers: Empowering Python developers in the world of blockchain and smart contracts
From Everand
Hands-On Blockchain for Python Developers: Empowering Python developers in the world of blockchain and smart contracts
Arjuna Sky Kok
No ratings yet
Initial Setup: Steps: Connect To The Device
No ratings yet
Initial Setup: Steps: Connect To The Device
4 pages
FortiGate 7.4 Admin Study Notes: 499 Study Notes for Accelerated Certification Success
From Everand
FortiGate 7.4 Admin Study Notes: 499 Study Notes for Accelerated Certification Success
Steve Brown
No ratings yet
CISA EXAM-Testing Concept-Firewall
From Everand
CISA EXAM-Testing Concept-Firewall
Hemang Doshi
2.5/5 (2)
In Depth Security Vol. III: Proceedings of the DeepSec Conferences
From Everand
In Depth Security Vol. III: Proceedings of the DeepSec Conferences
BoD - Books on Demand
No ratings yet
FCP - FortiClient EMS 7.2 Administrator Exam Preparation
From Everand
FCP - FortiClient EMS 7.2 Administrator Exam Preparation
Georgio Daccache
No ratings yet
Python-Powered Ethical Hacking: Building Advanced Cybersecurity Tools
From Everand
Python-Powered Ethical Hacking: Building Advanced Cybersecurity Tools
Peter Johnson
No ratings yet
Configuring IPCop Firewalls: Closing Borders with Open Source
From Everand
Configuring IPCop Firewalls: Closing Borders with Open Source
Barrie Dempster
No ratings yet
BeagleBone for Secret Agents
From Everand
BeagleBone for Secret Agents
Josh Datko
5/5 (1)
SRS - How to build a Pen Test and Hacking Platform
From Everand
SRS - How to build a Pen Test and Hacking Platform
alasdair gilchrist
2/5 (1)
Fortress Linux: Mastering Firewalls and Network Security
From Everand
Fortress Linux: Mastering Firewalls and Network Security
Dargslan
No ratings yet
SSL VPN : Understanding, evaluating and planning secure, web-based remote access
From Everand
SSL VPN : Understanding, evaluating and planning secure, web-based remote access
Tim Speed
No ratings yet
TrixBox Made Easy
From Everand
TrixBox Made Easy
Barrie Dempster
No ratings yet
Complete WiFi Hacking: Beginner to Advanced
From Everand
Complete WiFi Hacking: Beginner to Advanced
Fastskill
No ratings yet
Technical Tip - How To Configure The FortiLink Inte... - Fortinet Community
No ratings yet
Technical Tip - How To Configure The FortiLink Inte... - Fortinet Community
5 pages
Webfilter FW
No ratings yet
Webfilter FW
11 pages
Fast-Track to Industrial IoT Success: Mastering the Essentials
From Everand
Fast-Track to Industrial IoT Success: Mastering the Essentials
Arthur Wang
No ratings yet
PyTorch Cookbook: 100+ Solutions across RNNs, CNNs, python tools, distributed training and graph networks
From Everand
PyTorch Cookbook: 100+ Solutions across RNNs, CNNs, python tools, distributed training and graph networks
Matthew Rosch
No ratings yet
PyTorch Cookbook
From Everand
PyTorch Cookbook
Matthew Rosch
No ratings yet
Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats
From Everand
Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats
Alex Matrosov
No ratings yet
FGT1 03 Firewall Policies PDF
No ratings yet
FGT1 03 Firewall Policies PDF
69 pages
Building Wireless Sensor Networks Using Arduino: Leverage the powerful Arduino and XBee platforms to monitor and control your surroundings
From Everand
Building Wireless Sensor Networks Using Arduino: Leverage the powerful Arduino and XBee platforms to monitor and control your surroundings
Matthijs Kooijman
4/5 (1)
Python Networking 101: Navigating essentials of networking, socket programming, AsyncIO, network testing, simulations and Ansible
From Everand
Python Networking 101: Navigating essentials of networking, socket programming, AsyncIO, network testing, simulations and Ansible
Odette Windsor
No ratings yet
Python Networking Essentials: Building Secure and Fast Networks
From Everand
Python Networking Essentials: Building Secure and Fast Networks
Robert Johnson
No ratings yet
IPFire Network Security Reference: Definitive Reference for Developers and Engineers
From Everand
IPFire Network Security Reference: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
Website Blocking Policy With Mikrotik Routeros
No ratings yet
Website Blocking Policy With Mikrotik Routeros
36 pages
The FPGA Programming Handbook: An essential guide to FPGA design for transforming ideas into hardware using SystemVerilog and VHDL
From Everand
The FPGA Programming Handbook: An essential guide to FPGA design for transforming ideas into hardware using SystemVerilog and VHDL
Frank Bruno
No ratings yet
How To Install FortiADC in One Arm Mode
100% (1)
How To Install FortiADC in One Arm Mode
2 pages
Internet of Things Programming Projects: Build exciting IoT projects using Raspberry Pi 5, Raspberry Pi Pico, and Python
From Everand
Internet of Things Programming Projects: Build exciting IoT projects using Raspberry Pi 5, Raspberry Pi Pico, and Python
Colin Dow
No ratings yet
Securing Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release Build
From Everand
Securing Application Deployment with Obfuscation and Code Signing: How to Create 3 Layers of Protection for .NET Release Build
Slava Gomzin
No ratings yet
MyCryptoBank White Paper
No ratings yet
MyCryptoBank White Paper
60 pages
ACPS 1 Complete Solutions
0% (1)
ACPS 1 Complete Solutions
2 pages
Rockwell Software Inc.: Agreement
No ratings yet
Rockwell Software Inc.: Agreement
2 pages
Koestler, Neither Lotus Nor Robot
No ratings yet
Koestler, Neither Lotus Nor Robot
2 pages
Apparent Threat Slides
100% (1)
Apparent Threat Slides
15 pages
SDRS Ngo Darpan
No ratings yet
SDRS Ngo Darpan
4 pages
11) Commonwealth Act 616
100% (1)
11) Commonwealth Act 616
5 pages
Theological Research Pornography
No ratings yet
Theological Research Pornography
9 pages
Epistle Reading - Greek
No ratings yet
Epistle Reading - Greek
1 page
Yogesh Atalkar - Ganakar 1
No ratings yet
Yogesh Atalkar - Ganakar 1
4 pages
Revitalisation of Weavers
No ratings yet
Revitalisation of Weavers
6 pages
Questions On Pie Charts
No ratings yet
Questions On Pie Charts
6 pages
Boarding Pass (HYD BLR) Format
No ratings yet
Boarding Pass (HYD BLR) Format
1 page
Libro 3 - Counselling-y-Psicoterapia-en-Cancer-19
No ratings yet
Libro 3 - Counselling-y-Psicoterapia-en-Cancer-19
1 page
LTD Cases
No ratings yet
LTD Cases
306 pages
Question Chap 13 Biodiversity and Conservation
No ratings yet
Question Chap 13 Biodiversity and Conservation
3 pages
No Plastic Packaging: Tax Invoice
No ratings yet
No Plastic Packaging: Tax Invoice
2 pages
Community Development in India's Five Year Plans
100% (1)
Community Development in India's Five Year Plans
4 pages
Lecture 1 PDF
No ratings yet
Lecture 1 PDF
38 pages
Crim Pro Midterms Transcript PDF
No ratings yet
Crim Pro Midterms Transcript PDF
48 pages
Bond Letter
No ratings yet
Bond Letter
3 pages
Free Jobs To Be Done Template PowerPoint Download
No ratings yet
Free Jobs To Be Done Template PowerPoint Download
4 pages
Online Meetings Phrasebook
No ratings yet
Online Meetings Phrasebook
7 pages
INDUSTRIAL PERSONNEL AND MANAGEMENT SERVICES, INC. v. COUNTRY BANKERS INSURANCE CORP.
100% (1)
INDUSTRIAL PERSONNEL AND MANAGEMENT SERVICES, INC. v. COUNTRY BANKERS INSURANCE CORP.
2 pages
CIS GOVTAX CORPORATION (Marine Foundation's Fiduciary) - 1
No ratings yet
CIS GOVTAX CORPORATION (Marine Foundation's Fiduciary) - 1
7 pages
Renewal Letter For Old Partners
No ratings yet
Renewal Letter For Old Partners
2 pages
1 s2.0 S2667010024000441 Main
No ratings yet
1 s2.0 S2667010024000441 Main
13 pages
Elevating Cultural Preservation Projects Into Urban Regeneration: A Case Study of Bahrain's Pearling Trail
No ratings yet
Elevating Cultural Preservation Projects Into Urban Regeneration: A Case Study of Bahrain's Pearling Trail
9 pages
BSNL
No ratings yet
BSNL
4 pages
The Bharatiya Nyaya Sanhita No 45 of 2023 11
No ratings yet
The Bharatiya Nyaya Sanhita No 45 of 2023 11
1 page

Technical Tip - Blocking Inbound Access From Specif... - Fortinet Community

Uploaded by

Technical Tip - Blocking Inbound Access From Specif... - Fortinet Community

Uploaded by

7/19/23, 5:41 PM Technical Tip: Blocking Inbound Access from Specif...

Forums  Knowledge Base  Community Groups 

This Board Search here

Technical Tip: Blocking Inbound Access from Specific Country IP

Solution 1. Verify 'Local in Policy' Enablement:

Navigate to 'System' and access 'Feature Visibility'. Confirm whether 'Local in

Configure the local-in policy by setting the appropriate parameters:

Submit Article Idea

Broad. Integrated. Automated.

NEWS & ARTICLES

Copyright 2023 Fortinet, Inc. All Rights Reserved.

You might also like