Thanks. maybe this should be a suggestion for future enhancements that in the layer y rules we can white list an IP address and place it before the geo blocking rules. Thanks PS: The support from this community has been great. ... View more

The traffic will reach your firewall even if you block them or not. If you have incoming port forwards or 1:1 or 1:many NAT entries you can limit the IP ranges but it is difficult to just block 1 IP and let all others in. If you want to block for existing flows you are best served by not allowing outbound traffic to those IP addresses which is best done via L7 rules just like ww suggests. ... View more