cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


287
Views
0
Helpful
1
Replies
Highlighted
Beginner

How do I import and block IP addresses by country?

I need to block IP traffics from a certain country. I know I can export a free IP address list from firewall IP generator. The sample output format for Cisco ACL is as below.

What should I do next to import the list to enable blocking in Cisco AXA? I don't want to enter it manually.

 

# -------------------------------------------------------
# Free IP2Location Firewall List by Country
# Source: https://www.ip2location.com/free/visitor-blocker
# Last Generated: 19 Nov 2018 05:20:52 GMT
# [Important] Please update this list every month
# -------------------------------------------------------
deny ip 201.220.192.0 0.0.31.255 any
deny ip 200.55.178.96 0.0.0.31 any
deny ip 200.55.178.80 0.0.0.7 any
deny ip 200.55.178.64 0.0.0.15 any
deny ip 200.55.178.56 0.0.0.7 any
Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Enthusiast

Re: How do I import and block IP addresses by country?

Hi,

You can just create an access-list with the IP's you downloaded and bind it to the outside interface.

For example.

access-list BLOCK_LIST extended deny ip 201.220.192.0 0.0.31.255 any
access-list BLOCK_LIST extended deny ip 200.55.178.96 0.0.0.31 any
access-list BLOCK_LIST extended deny ip 200.55.178.80 0.0.0.7 any

 

access-group BLOCK_LIST in interface Outside

 

HTH

Abheesh

 

View solution in original post

1 REPLY 1
Enthusiast

Re: How do I import and block IP addresses by country?

Hi,

You can just create an access-list with the IP's you downloaded and bind it to the outside interface.

For example.

access-list BLOCK_LIST extended deny ip 201.220.192.0 0.0.31.255 any
access-list BLOCK_LIST extended deny ip 200.55.178.96 0.0.0.31 any
access-list BLOCK_LIST extended deny ip 200.55.178.80 0.0.0.7 any

 

access-group BLOCK_LIST in interface Outside

 

HTH

Abheesh

 

View solution in original post

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here