cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
2770
Views
1
Helpful
3
Replies
efrazee
Beginner

Block all Russia IP Addresses

Recently we have been taksed buy C level executives to block all ip communication to Russia. They are about 65,000 (CIDR aggregated) public ip addresses in China. 

I dont want to manage an ACL with 65,000 entries not to mention how much larger it gets to add other countries.

Any suggestions out there?

Thank you             

1 ACCEPTED SOLUTION

Accepted Solutions
Erik Kaiser
Cisco Employee

Hi ,

The WSA can block the IPs based on CIDR if you create a custom URL category add it to a access policy and set the custom URL category in the access policy to block.

Sincerely,

Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator

Sincerely, Erik Kaiser WSA CSE WSA Cisco Forums Moderator

View solution in original post

3 REPLIES 3
Leo Laohoo
VIP Community Legend

Duplicate post #1.

Erik Kaiser
Cisco Employee

Hi ,

The WSA can block the IPs based on CIDR if you create a custom URL category add it to a access policy and set the custom URL category in the access policy to block.

Sincerely,

Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator

Sincerely, Erik Kaiser WSA CSE WSA Cisco Forums Moderator

View solution in original post

Hi Erik,

We have an IronPort S370. Are you saying that I can create a custom URL category on the IronPort to accomplish this?

Thank you

Content for Community-Ad

This widget could not be displayed.