How can I configure SonicWall Geo-IP filter using firewall access rules?
12/20/2019 1858 34612
Geo-IP Filter allows administrators to block connections coming to or from a geographic location to resolving the Public IP address to a particular country. This feature is usable in two modes, blanket blocking or blocking through firewall access rules.
Blocking through firewall access rules gives a network administrator greater control over what traffic is and isn't scanned by the Geo-IP Filter. This is useful for deployments in which Outbound Traffic may want to be uninhibited but Inbound traffic should be subject to scanning. Typical deployments of Geo-IP Filter with firewall access rules include DDoS and other network attack mitigation as well as anti-spoofing.
CAUTION: As mentioned, Geo-IP Filter works by tracing a public IP to a particular country. Users which make use of a VPN to disguise their country of origin may be able to get around the Geo-IP Filter by having their traffic appear as if it's coming from a white-listed country. At this times there are no work around for this issue.