How to block the Ip address on Zyxel usg 60 firewall

shashank
shashank Posts: 4  Freshman Member
First Comment
edited April 2021 in Security
Hello,

I need to block the local IP address on Zyxell firewall

Comments

  • PeterUK
    PeterUK Posts: 2,655  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    You want security control > policy control then add a deny rule for the IP.

    do you have a switch to the USG as if you do the USG can't deny IP routed by the switch. 

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,427  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Hi @shashank,
    Configuration as below,
    1)     Go to “Configuration > Security Policy > Policy control” and click “add” to create a rule
    2)     From = LAN1
    To   = WAN
    Source = Lan host which you want to block outgoing traffic.
    Action = deny



  • dudu
    dudu Posts: 6
    First Comment
    Hi,
    I need to block a list of IP's can it be done from a command line? 
  • jasailafan
    jasailafan Posts: 189  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    @dudu
    You can create an address group object and move the list of IPs to this address group object.
    Then apply this address group object to the security policy rule. 

    Use the commands to create a bundle of IPs.
    Router> configure terminal
    Edit the list of IPs first and then copy and paste them all on console/ssh.
    address-object ip1  10.1.1.1
    address-object ip2  10.1.1.2
    address-object ip3  10.1.1.3
    address-object ip4  10.1.1.4
    address-object ip5  10.1.1.5
    .......

Security Highlight