Using InControl version 2.8.2 and above, it is now possible to configure and deploy country-based firewall rules to Peplink routers running firmware 8.0.1 and above.
This feature can be used to block traffic from a specific country.
In the correct InControl2 organization, at Group Level, select Network settings > Firewall Rules.
Before agreeing that the firewall rules will be governed by InControl2, make sure to plan carefully whether to clear or preserve firewall rules of devices that receive no firewall rules from IC2 upon policy removal.
Create a new Rule Set and add an inbound firewall rule by clicking the add rule button.
Select Region as Source, select the country of choice and the other required options, and save the firewall rule.
I am a little bit confused about that function, because when I block a specific IP in and out, it works well for me. But when I am blocking a country, it will not work for me.
And the function to block IPs from a specific country is really cool!
Can you post some screenshots of your configuration? Or, if you prefer not to share this information, you can contact your Peplink partner or raise a ticket with Peplink support.
Here are my configs. I tried several countries and only one per entry. The one which only includes the IP from NL (Netherlands or other IPs) still works.
I have followed these instructions and can’t seem to get it to work correctly. I have SSH port forwards setup on my device, then also configured access rules for allowing only certain IP addresses into those port forwards. The SSH port forwards work well and the blocks seem to work (allows are the 1st 2 lines with IP addresses listed). However, there are some more port forwards I have that are over port 80. I would like to limit those to only incoming US traffic. I have configured the following setup, pictured with this post. I have this pushed to my devices, but I can still connect to the units when I run my NordVPN software while selecting an overseas server. I check my IP address and it is showing that my IP should look like an overseas IP. I can still however connect to the devices using the port 80 forward. This clearly should be dropped based on the picture and the access rules I have setup. Please help me get this figured out.
I would like to block any outside the US IP from coming in the Wan to the Lan devices. But shouldn’t my rules above allowing all US traffic then the default being to drop all traffic stop all outside traffic coming from outside of the US and dropping that traffic?
I would suggest you guys look into this issue. I had my data usage go up to over 25MB a day from units that would usually use around 1MB a day when using the allow US rule above. It was allowing other outside IP addresses, even from outside the US to connect to my SSH devices. I even had a deny all SSH rule prior to the allow for the US traffic. Something is seriously wrong, I just removed the allow the US traffic rule and the traffic from outside countries trying to connect to my SSH devices has stopped again. Just thought I would pass this on, it looked like a great feature but clearly was not working and caused further issues on my devices.
I seem to have locked myself out of Balance20 web admin after enabling country block. InControl also now sees the device as offline… but internet is still up and working.
I added incoming block rules for Russia, Iran, Iraq, Ukraine, China, North/South Korea, Thailand and Vietnam.
On your SSH devices, do you have logs listing the IPs that tried to connect to the devices before? If yes, can you please open a ticket and share the IP list? This will help the support team verify whether those IPs are in the US.
Besides that, did you enable event logging for the inbound firewall rules you created? If you enable event logging, you should be able to check the logs for all incoming connections.
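The following is an added example, not code from the thread or from Peplink: one way to build the source-IP list requested above from SSH logs and flag addresses that fall outside the prefixes you expect a country allow rule to admit. The log lines, the OpenSSH-style line format and the prefixes in `EXPECTED_ALLOWED` are constructed placeholders (documentation address ranges); real country prefixes would have to come from a GeoIP dataset.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample: OpenSSH-style auth log lines using documentation ranges.
SAMPLE_LOG = """\
Jan 10 03:12:01 host sshd[811]: Failed password for root from 203.0.113.7 port 40022 ssh2
Jan 10 03:12:05 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40031 ssh2
Jan 10 03:15:44 host sshd[815]: Accepted publickey for ops from 192.0.2.10 port 51514 ssh2
Jan 10 04:01:09 host sshd[901]: Failed password for root from 198.51.100.23 port 33412 ssh2
Jan 10 04:02:10 host sshd[903]: Connection closed by 2001:db8::5 port 50000 [preauth]
"""

# Assumption: prefixes the allow rule is expected to admit (placeholder values).
EXPECTED_ALLOWED = ["192.0.2.0/24", "198.51.100.0/25"]

# Source address follows "from" or "by" and precedes "port N" in sshd messages.
SRC_RE = re.compile(r"sshd\[\d+\]: .*?(?:from|by) ([0-9A-Fa-f:.]+) port \d+")


def source_ips(log_text):
    """Count connection attempts per source address found in sshd log text."""
    counts = Counter()
    for line in log_text.splitlines():
        match = SRC_RE.search(line)
        if not match:
            continue
        try:
            counts[ipaddress.ip_address(match.group(1))] += 1
        except ValueError:
            continue  # captured token was not a valid IPv4/IPv6 address
    return counts


def unexpected_sources(counts, allowed_prefixes):
    """Return (ip, attempts) for sources outside every allowed prefix, busiest first."""
    nets = [ipaddress.ip_network(p) for p in allowed_prefixes]
    flagged = [
        (str(ip), n)
        for ip, n in counts.items()
        if not any(ip.version == net.version and ip in net for net in nets)
    ]
    return sorted(flagged, key=lambda item: (-item[1], item[0]))


if __name__ == "__main__":
    for ip, attempts in unexpected_sources(source_ips(SAMPLE_LOG), EXPECTED_ALLOWED):
        print(f"{ip}\t{attempts} attempt(s) from outside the expected prefixes")
```

Note that IPv6 sources are flagged unless an IPv6 prefix is listed, which makes it easy to spot traffic arriving over an address family the rule set was not written for.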