Firewall rules to block unwanted IP addresses

LudekLudek Member Posts: 5
We have our own mail server being NSG50. Many IP addresses are trying to log into mail server. Is it possible to block these addresses with firewall rules? Or another rules to block unwanted IP addresses?

Comments

  • Nebula_BarneyNebula_Barney Zyxel Official Agent Posts: 54  mod
    Hello @Ludek

    Is your Mail server perhaps on the LAN-side of your NSG50? Does this also mean that you are using 1:1 NAT or Virtual Server to allow clients from the Internet to access your Mail server?

    If so, we have two solutions:

    1. Black-listing IP Address:
    Use the Outbound Rules to Deny the public IP address of Untrusted mail clients.

    *Use commas to create multiple remote IP addresses.

    2. White-listing IP Address:
    Use the "Allowed remote IP" list to create a white-list of Mail clients (public IP addresses) that can access your Mail server. 

    *Use commas to create multiple remote IP addresses.

    Clients from the Internet not in the allowed remote IP list are blocked by the NSG's default firewall rules.

    Hope this helps!

    Regards,
    Barney
Sign In to comment.