Crowdsec blocklists IP

gplatret
Here to help

Crowdsec blocklists IP

Hello,

How to integrate a list of dynamic IPs to prohibit (List Crowdsec).
Sincerely

3 Replies 3
alemabrahao
Kind of a big deal
Kind of a big deal

I don't know if you'll be able to do this in MX, but if possible, it might be something similar to what's in the link below.

crowdsec.net/blog/integrating-crowdsec-with-firewall-appliances

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
PhilipDAth
Kind of a big deal
Kind of a big deal

If I was trying to do this, I think I would write a script to pull the list, and then update a group policy object, and then have a single L3 rule configured to block that.

 

You could also instead consider having it populate L7 firewall rules, as that blocks in both directions.

PhilipDAth
Kind of a big deal
Kind of a big deal

Going sideways - it would be so much easier to use the Meraki content filtering system - powered by Talos - and just block the dynamic threat categories.

 

PhilipDAth_0-1718054197426.png

 

Get notified when there are additional replies to this discussion.