cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Layer 7 firewall rule to block countries and then whitelist specific sites/IP addresses

Highlighted
Building a reputation

Layer 7 firewall rule to block countries and then whitelist specific sites/IP addresses

Just wishing for the functionality to block an entire country but then white list specific sites or IPs within that country. Been asking for awhile now, anyone else interested in this?

 

Thanks,

 

Mark

4 REPLIES 4
Highlighted
Kind of a big deal

Re: Layer 7 firewall rule to block countries and then whitelist specific sites/IP addresses

There has been a few threads on this.  And I'll add my support to each one +1.  Sucks to have to un block a whole country for one potential website you still want to access. 

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
Highlighted
New here

Re: Layer 7 firewall rule to block countries and then whitelist specific sites/IP addresses

I definitely would be interested in this. We are running into problems where the country is allowed and websites from that same country are being blocked anyways

Highlighted
Here to help

Re: Layer 7 firewall rule to block countries and then whitelist specific sites/IP addresses

I'm a little late to this party but I'd like to be able to do this also.  Our organization frequently needs to interact with sites that are hosted offshore in countries that we need to block for other reasons.

Highlighted
Getting noticed

Re: Layer 7 firewall rule to block countries and then whitelist specific sites/IP addresses

Yes please, one thing we found is it block countries by where they (the IP's) are registered, not where they actually reside. We found this as they were registered in Russia, but were actually being used in the USA. It blocked the IP's even though they were in the US, so we had to allow Russia....Crazy 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.