0
Votes

We need a working GEO Country Block for Omada

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
 
0
Votes

We need a working GEO Country Block for Omada

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
We need a working GEO Country Block for Omada
We need a working GEO Country Block for Omada
2024-08-08 04:19:36 - last edited 2024-08-09 06:35:30
Tags: #CountryBlock
Model: ER8411  
Hardware Version: V1
Firmware Version: 1.2.1

This has been a critical requirement now for 2 years and TP-Link still failed to deliver. We would like to country block other countries like 

 

Block all incoming traffic from China

Block all incoming traffic from Japan 

Block all incoming traffic from Russia 

 

Allow outbound traffic to China, to Japan and to Russia at the our discretion. 

 


Many of us in the US who are using TP-Link ER8411 continues to see attacks from many countries trying to gain access to hosted services. If someone at TP-Link does not make this a top priority to deliver we will switch to another product. Heck, even Ubiquiti has this feature but somehow TP-Link has been dragging feet to deliver an industry standard.

 

We want to have the ability to block specific or all countries inbound or outbound or both using Omada. I am sick of seeing the constant attacks so this needs to be delivered

 

From Ubiquiti's site on their gateway

Gateway Features
Performance Redundant WAN with failover and load balancing
WiFi QoS with UniFi APs
Application, domain, and country-based QoS
Application and device type identification
Additional internet failover with LTE Backup
Internet quality and outage reporting
Next-generation security Application-aware firewall rules
Signature-based IPS/IDS threat detection
Content, country, domain, and ad filtering
VLAN/subnet-based traffic segmentation
Full stateful firewall
Advanced networking License-free SD-WAN
WireGuard, L2TP and OpenVPN server
OpenVPN client
OpenVPN and IPsec site-to-site VPN
One-click Teleport and Identity VPN
Policy-based WAN and VPN routing
DHCP relay
Customizable DHCP server
IGMP proxy
IPv6 ISP support

 

 

Thank you

#1
Options
1 Accepted Solution
Re:We need a working GEO Country Block for Omada-Solution
2024-08-08 16:03:11 - last edited 2024-08-08 16:11:42

  @BCosse 

 

yes as i said, unifi has a very simple geo block, omada has a much more advanced one. unifi can either block or allow. on omada you can create many rules for geo block. you do this on router acl. first create locaton groups then you create router acl.

 

Recommended Solution
#5
Options
5 Reply
Re:We need a working GEO Country Block for Omada
2024-08-08 07:31:41 - last edited 2024-08-08 07:32:53

  @BCosse 

 

what is the problem? I've been using this for a while on the ER8411. it actually works better than unifi that you refer to.

unifi has very limited configuration on geo block

 

 

#2
Options
Re:We need a working GEO Country Block for Omada
2024-08-08 15:55:03

  @MR.S 

 

This ER8411 w/ Omada does not have country block like Ubiquiti. With Ubiquiti and other brands we can check 1 box to block an entire country. With Omada we can only block individual IP addresses 

 

ex. Omada - this has become the norm with hosting services on Omada. The never ending attacks but when you try to block every attack you get a message that the list is full

Aug 06, 2024 06:04:05 pm Singapore ET EXPLOIT Possible ... Major Exploit  attempted-admin Attempted Administrator Priv...

 

We can only block that IP or create rules to block that IP range which is a line by line task 

 

Ubiquiti 

UniFi Gateway - Country Restriction

Traffic Routes is a feature found in the Firewall & Security section of your Network application that allows you to block or allow traffic to specific countries or territories.

Requirements

  • A UniFi gateway 

Available Options

Country Restrictions can be configured to:

  • Block or allow traffic.
  • Match one or more countries or territories.
  • Apply to both incoming and outgoing traffic.

Examples

If you want to only allow traffic to services in your own country, then configure Country Restriction with the following options:

  • Action: Allow
  • Country: Select your own country
  • Direction: Both

If you want to block traffic to and from specific countries, then configure Country Restriction with the following options:

  • Action: Block
  • Country: Select one more more countries
  • Direction: Both

     

#3
Options
Re:We need a working GEO Country Block for Omada
2024-08-08 15:56:33

  @MR.S 

Ubiquiti

#4
Options
Re:We need a working GEO Country Block for Omada-Solution
2024-08-08 16:03:11 - last edited 2024-08-08 16:11:42

  @BCosse 

 

yes as i said, unifi has a very simple geo block, omada has a much more advanced one. unifi can either block or allow. on omada you can create many rules for geo block. you do this on router acl. first create locaton groups then you create router acl.

 

Recommended Solution
#5
Options
Re:We need a working GEO Country Block for Omada
2024-08-08 16:11:07

  @MR.S 

 

Wow they put it under ACL instead of IPS/IDS. Found it thank you. I will setup the block and see if it works

#6
Options