cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3221
Views
1
Helpful
3
Replies

Block all Russia IP Addresses

efrazee
Beginner
Beginner

Recently we have been taksed buy C level executives to block all ip communication to Russia. They are about 65,000 (CIDR aggregated) public ip addresses in China. 

I dont want to manage an ACL with 65,000 entries not to mention how much larger it gets to add other countries.

Any suggestions out there?

Thank you             

1 Accepted Solution

Accepted Solutions

Erik Kaiser
Cisco Employee
Cisco Employee

Hi ,

The WSA can block the IPs based on CIDR if you create a custom URL category add it to a access policy and set the custom URL category in the access policy to block.

Sincerely,

Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator

Sincerely, Erik Kaiser WSA CSE WSA Cisco Forums Moderator

View solution in original post

3 Replies 3

Leo Laohoo
VIP Community Legend VIP Community Legend
VIP Community Legend

Duplicate post #1.

Erik Kaiser
Cisco Employee
Cisco Employee

Hi ,

The WSA can block the IPs based on CIDR if you create a custom URL category add it to a access policy and set the custom URL category in the access policy to block.

Sincerely,

Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator

Sincerely, Erik Kaiser WSA CSE WSA Cisco Forums Moderator

Hi Erik,

We have an IronPort S370. Are you saying that I can create a custom URL category on the IronPort to accomplish this?

Thank you

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers