All traffic from outside is blocked by default If you put in the IP at layer3 firewall as destination traffic should not go to that address so it also wont return.
Another options is to add a rule to the layer7 firewall , deny remote ip range <ip>
The traffic will reach your firewall even if you block them or not. If you have incoming port forwards or 1:1 or 1:many NAT entries you can limit the IP ranges but it is difficult to just block 1 IP and let all others in.
If you want to block for existing flows you are best served by not allowing outbound traffic to those IP addresses which is best done via L7 rules just like ww suggests.
Get notified when there are additional replies to this discussion.
