Recently we have been taksed buy C level executives to block all ip communication to Russia. They are about 65,000 (CIDR aggregated) public ip addresses in China.
I dont want to manage an ACL with 65,000 entries not to mention how much larger it gets to add other countries.
Any suggestions out there?
Thank you
Solved! Go to Solution.
Hi ,
The WSA can block the IPs based on CIDR if you create a custom URL category add it to a access policy and set the custom URL category in the access policy to block.
Sincerely,
Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator
Duplicate post #1.
Hi ,
The WSA can block the IPs based on CIDR if you create a custom URL category add it to a access policy and set the custom URL category in the access policy to block.
Sincerely,
Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator
Hi Erik,
We have an IronPort S370. Are you saying that I can create a custom URL category on the IronPort to accomplish this?
Thank you