XII. Firewall/Security Features
ExpiredCreate Firewall Rules with Country Object
The Firewall on Vigor routers support Country Objects. They allow quicker and easier setup of firewall rules to permit or block access to/from an IP address of a specific country. For example, a network administrator can block certain countries from connecting to the internal server to prevent attacks. Or, to restrict the destination that LAN users can access to selected countries only.
This guide demonstrates how to allow LAN hosts to only access websites and other services located in the UK.
1. Create a Country Object. Go to [Objects Setting] > [Country Object] page. Open one of the available profiles, set a profile Name and select Country.
2. To block traffic to websites and other services except for those located in the UK, we will need to create two firewall rules. The first one to block all websites and services, and the second to allow access to websites and services in the UK.
2-1. Create the rule blockALL. Go to [Firewall] > [Filter Setup] > [Default Data Filter Set] and click an available rule to edit. For this article Filter Set 2 Rule 2 was selected.
- Enable the rule, and keep "Any" for Source IP, Destination IP, and Service Type
- Select "Block if no further Match" for Action, so that the router will check for any exceptions in other rules before applying this action
- Press OK to save
2-2. Create a second rule to allow access to websites and services in the UK. Go [Firewall] > [Filter Setup] > [Default Data Filter Set] page and click on available rule to edit. Make sure that this rule follows the rule created in the previous step. For this step Filter Set 2 Rule 3 was selected.
- Enable the rule and click Edit for the Destination IP/Country to select the Country Object created in the very first step of this guide. A new window should pop up. Make sure that your browser won't block that.
- Set Address Type to Country Object then select Country Object from drop down menu. Press the OK button.
- Now continue with the configuration of the firewall rule by setting up Action/Profile filter to "Pass Immediately"
- Press OK to save
- First Published: 24/07/2020
- Last Updated: 22/04/2021