Firewalla Blue Rules
I am trying to secure a device or two of mine so they can only be accessed by a single country using the geolocation filtering rule. I created a block rule for address range 0.0.0.0/0 then added an allow rule for the one country geolocation I wanted to add. According to the documentation, allow rules supersede block rules and there is no order of rules with Firewalla. I would have assumed this should have worked by blocking all remote addresses with the exception of the one geolocation IP range. However, that doesn't appear to be the case. I am still seeing all sorts of traffic from a bunch of other countries hitting my device.
Am I missing something? I think we should be able to do this but there aren't many other options to try...
-
Double-check your DNS and make sure it is on the allowed list. And when you are doing this, are all the sites down, or are some sites down?
The reason I am asking is, geo-blocking is pretty tricky ... so it works better to block certain countries. For block all, then allow, we have yet to see a usable solution. This is simply because the internet is distributed and the data centers are distributed. IP addresses are changing all the time.
-
Ok, I played around with it a bit. I WAS putting in the allow rules for the geolocations in the main section of the rules applied to all devices. Then I was trying to block Internet on 2 devices specifically in hopes they both would get the shared allow rules, but that didn't work. When I subsequently blocked Internet on one host, and added the allow rules for the geolocations specifically to that host's rule set, it seems to have worked. The unfortunate situation is the Firewalla Blue doesn't allow more than 3 geolocation rules, so I can't do the same thing on a second host on my network. I was hoping to get around that limit by doing those allow geolocations globally and blocking the Internet on each host.