Register Now

Login

Lost Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

How to create country based firewall rule in Sophos XG

Overview:

Here in this article, we will discuss how to block any IP address based on country in sophos XG firewall.

Process:

First you need to identify IP address belongs to which country. For that, login to the sophos XG firewall CLI

You can use following article to login to CLI of sophos firewall

Firewall putty

Enter “Device console” (option -4) and then type this command “show country-host ip2country ipaddress <IP address>” as shown below

Command
Country IP command

For your information, sophos firewall will use “MAXMIND” database. You can also search for IP address directly in their website. Here is the URL for their website

https://www.maxmind.com/en/home

Once you identify the IP address belongs to which country, you can create firewall rule. Click on “Rules and Policies” and add “new rule“. Create firewall rule as shown below.

Firewall rule
Firewall Rule

In place of source networks and devices enter the country group. You can search for the country group in the same tab.

Note: It is recommended to use source and network zones as “ANY” to block country effectively.

Hope this article helps you.