How to Configure a Security Policy to Use a Region
71353
Created On 09/25/18 17:46 PM - Last Modified 06/09/23 02:57 AM
Resolution
Overview
This document describes how to create a security policy to use a region instead of using an IP address. This can be done in both source address and destination address fields. Traffic can be blocked or allowed based on the region's name mentioned on the security policy.
Steps
Create a policy and add the source or destination address to the policy.
- Navigate to Policies > Security.
- Click Add to bring up the Security Policy Rule dialog.
- Under the Source (or Destination) tab, add the address by clicking Add and click regions to select a country.
- Select either pre-defined region or custom region, as shown below
- Pre-defined region
Select a region. After selecting a region, additional IP addresses can be added by clicking on Add.
- Custom region
Enter a Name and click "Add" to add IP addresses, as desired. The following screenshot shows the region name as "ABC" and the associated IP address as 10.50.240.63:
The custom region appears under the "Address" area. In this example, the region was configured for the Source section of the security policy:
- Pre-defined region
owner: sbabu