Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Operator » Block specific IP addresses
  •  
fishtech

Messages: 626
Karma: 14
Send a private message to this user
Is it possible to block specific IP addresses (or groups of IP addresses) from connecting?

In Configuration > Network > Firewall I can allow only a certain groups of IP addresses to connect, but i do not see any way to block a group of IP's. Am I missing something?

Thanks,

ft.
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
It is, but by technicality.

By default, anything *not* in that list is blocked. Essentially, it is an inverse form of blocking, where it is implicitly blocked rather than explicitly blocked.

This does come down to how you phrase this question. I don't see or know of a way to *explicitly* exclude IP addresses using Operator alone. It would appear you would need to use an external firewall to provide that feature.
  •  
fishtech

Messages: 626
Karma: 14
Send a private message to this user
Quote:
This does come down to how you phrase this question. I don't see or know of a way to *explicitly* exclude IP addresses using Operator alone.



This is my question... I want to explicitly exclude some IP addresses.

The reason is, I have a lot of mobile users so I need to allow all IP addresses. However, I also have some sustained dictionary attacks from specific addresses I would like to ban.

Cheers,

ft.
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
Using an external firewall is not an option?
  •  
fishtech

Messages: 626
Karma: 14
Send a private message to this user
might have to, would prefer not to at this point.

ft.
  •  
Filip Jenicek (Kerio)

Messages: 1094
Karma: 80
Send a private message to this user
Hi

a) as suggested above, use a grown-up firewall, the built-in has only pretty basic functionality.
b) create an ip address group covering all addresses except the ones you don't want. You can use IP ranges to do that, e. g. rule A: 0.0.0.1-198.255.255.255 , rule B: 200.0.0.0-255.255.255.254

Filip
Previous Topic: Cisco SPA302D with Base Station
Next Topic: Delayed dial for some extensions
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Oct 22 13:58:07 CEST 2017

Total time taken to generate the page: 0.00443 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.