Meraki

Community

From MX105 is it possible to block INBOUND traffic by country?

Solved
ddawson100
Here to help
3 weeks ago
3 weeks ago

From MX105 is it possible to block INBOUND traffic by country?

We're getting brute force attacks to our public resources protected by our MX105. I would like to limit the attacks by blocking attempts originating from certain. Is it possible to implement country-level blocks for in-bound traffic while allowing our staff to access these countries for out-bound traffic?

0 Kudos
1 Accepted Solution
MartinLL
Building a reputation
3 weeks ago
3 weeks ago

No, Geo-Blocking applies to both directions. No way to only apply it inbound to my knowledge.

 

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Firewall_Settings 

MLL

View solution in original post

3 Replies 3
MartinLL
Building a reputation
3 weeks ago
3 weeks ago

No, Geo-Blocking applies to both directions. No way to only apply it inbound to my knowledge.

 

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Firewall_Settings 

MLL
PhilipDAth
Kind of a big deal
Kind of a big deal
3 weeks ago
3 weeks ago

If the public resources are websites, consider using a WAF like CloudFlare.

0 Kudos
GreenMan
Meraki Employee
Meraki Employee
3 weeks ago
3 weeks ago

Further to PhiIip's suggestion, maybe talk to your ISP about getting that kind of traffic blocked at their end, before it also consumes your WAN bandwidth?   Depends how transient it is, I guess

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.