Geolocation Blocking
Dear all,
I am here to find out how I can apply Geolocation rules to be blocked on the WAN and the Internal Network?
I have identified the group that I can create for this purpose, but I do not know how to apply the rules correctly.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Thanks for posting in our business forum.
You seem to post this on the wrong page. Please select the correct tag as well. If you have trouble following the rules, you may read the community guidelines.
The selected model is OC200.
Apply them in the GW ACL.
If it does not solve your puzzle, please be clear and specific.
- Copy Link
- Report Inappropriate Content
Thanks for posting in our business forum.
Artur.Aragao wrote
I ran some tests blocking all geolocations and I found it funny to see this site "https://www.baboo.com.br/" go unnoticed, without any blocks.
What is so funny? Post your configs and be sure you have cleared up your cache before any sort of tests.
Try harder to understand how Internet things work before you find it funny. I don't see how it is funny.
1. IP does not always stay the same. It requires updates from time to time. Geo IP does not mean a set of IPs is eternal.
2. FQDN means an IP address. An IP address belongs to AS. AS can be owned by an organization. An organization can be classified into a country. A country stands for a set of IPs in the geo-location.
Quote from Internet IP Address Report
Internet IP Address 2024 Report
IP addresses are managed by the Internet Assigned Numbers Authority (IANA) and its regional registries to various organizations worldwide. In this report, we have collected some data with regards to IPv4 address allocations in 2023 based on the IP2Location.
End quote.
Let's understand?
- Copy Link
- Report Inappropriate Content
Thanks for posting in our business forum.
You seem to post this on the wrong page. Please select the correct tag as well. If you have trouble following the rules, you may read the community guidelines.
The selected model is OC200.
Apply them in the GW ACL.
If it does not solve your puzzle, please be clear and specific.
- Copy Link
- Report Inappropriate Content
Thank you very much for your kind reply.
Is the rule always to deny? I had tried to create it enabling only for Brazil and the United States, but I noticed that China went straight from the WAN to the LAN.
Is the router capable of blocking intrusion attempts from other countries? Or does it only prohibit the flow from the LAN to the WAN?
- Copy Link
- Report Inappropriate Content
I ran some tests blocking all geolocations and I found it funny to see this site "https://www.baboo.com.br/" go unnoticed, without any blocks.
- Copy Link
- Report Inappropriate Content
Thanks for posting in our business forum.
Artur.Aragao wrote
I ran some tests blocking all geolocations and I found it funny to see this site "https://www.baboo.com.br/" go unnoticed, without any blocks.
What is so funny? Post your configs and be sure you have cleared up your cache before any sort of tests.
Try harder to understand how Internet things work before you find it funny. I don't see how it is funny.
1. IP does not always stay the same. It requires updates from time to time. Geo IP does not mean a set of IPs is eternal.
2. FQDN means an IP address. An IP address belongs to AS. AS can be owned by an organization. An organization can be classified into a country. A country stands for a set of IPs in the geo-location.
Quote from Internet IP Address Report
Internet IP Address 2024 Report
IP addresses are managed by the Internet Assigned Numbers Authority (IANA) and its regional registries to various organizations worldwide. In this report, we have collected some data with regards to IPv4 address allocations in 2023 based on the IP2Location.
End quote.
Let's understand?
- Copy Link
- Report Inappropriate Content
I appreciate your attention to this case and apologize if you misunderstood my position.
I had done some tests with Whois and I had already seen this.
To me, this is funny, because it worked differently than what an Omada user or client would normally expect. This can be solved by blocking lists.
It was not a joke, please understand that. I am not that kind of person, our cultures are different and I really feel that I may have been understood in that way.
On the contrary. I am a small person seeking knowledge on how to better use my set. I understand that not everyone has the patience to respond here, so I am very grateful for the answers.
Thank you, really.
It helped a lot. More than you can imagine.
God bless you generously.
- Copy Link
- Report Inappropriate Content
Hi, would you mind sharing if the location group in your ACL configuration screenshot can also be applied to Policy-Based Routing rules?
And what model of Omada router are you using? I'm looking for an Omada router with geolocation-based routing capability, but after checking many videos on YouTube, I haven't seen anyone demonstrating location-based routing.
Thank you.
- Copy Link
- Report Inappropriate Content
Hi @evany
Thanks for posting in our business forum.
evany wrote
Hi, would you mind sharing if the location group in your ACL configuration screenshot can also be applied to Policy-Based Routing rules?
And what model of Omada router are you using? I'm looking for an Omada router with geolocation-based routing capability, but after checking many videos on YouTube, I haven't seen anyone demonstrating location-based routing.
Thank you.
This geo group only applies to the ACL. Not applicable to the PBR.
Any of the selling models can do the geo group ACL now.
PBR is not based on the IP rules instead it is on WAN ports.
- Copy Link
- Report Inappropriate Content
Thank you for the reply!
If I want a routing logic like "If destination IP is in China then use WAN2 otherwize use WAN1", does any Omada router support this?
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 599
Replies: 9
Voters 0
No one has voted for it yet.