Firewall rules to block unwanted IP addresses

Ludek
Ludek Posts: 8
First Anniversary First Comment
edited April 2021 in Nebula
We have our own mail server being NSG50. Many IP addresses are trying to log into mail server. Is it possible to block these addresses with firewall rules? Or another rules to block unwanted IP addresses?

Comments

  • Zyxel_Barney
    Zyxel_Barney Posts: 84  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Hello @Ludek

    Is your Mail server perhaps on the LAN-side of your NSG50? Does this also mean that you are using 1:1 NAT or Virtual Server to allow clients from the Internet to access your Mail server?

    If so, we have two solutions:

    1. Black-listing IP Address:
    Use the Outbound Rules to Deny the public IP address of Untrusted mail clients.

    *Use commas to create multiple remote IP addresses.

    2. White-listing IP Address:
    Use the "Allowed remote IP" list to create a white-list of Mail clients (public IP addresses) that can access your Mail server. 

    *Use commas to create multiple remote IP addresses.

    Clients from the Internet not in the allowed remote IP list are blocked by the NSG's default firewall rules.

    Hope this helps!

    Regards,
    Barney

Nebula Tips & Tricks