SonicOS 7.0 Rules and Policies for Policy mode
- SonicOS 7.0 Rules and Policies
- Settings
- Security Policy
- NAT Policy
- About NAT in SonicOS
- About NAT Load Balancing
- About NAT64
- About FQDN-based NAT
- About Source MAC Address Override
- Viewing NAT Policy Entries
- Adding or Editing NAT or NAT64 Rule Policies
- Deleting NAT Policies
- Creating NAT Rule Policies: Examples
- Creating a One-to-One NAT Policy for Inbound Traffic
- Creating a One-to-One NAT Policy for Outbound Traffic
- Inbound Port Address Translation via One-to-One NAT Policy
- Inbound Port Address Translation via WAN IP Address
- Creating a Many-to-One NAT Policy
- Creating a Many-to-Many NAT Policy
- Creating a NAT Load Balancing Policy for Two Web Servers
- Routing
- Decryption Policy
- DoS Policy
- DNS Policy
- Endpoint Policy
- Shadow
- SonicWall Support
Geo-IP
The Settings page in POLICY | Rules and Policies > Settings > GEO-IP | Settings provides a group of settings that can be configured for Geo-IP Filtering. Several of the settings have (information) icons next to them that give screen tips about that setting.
Security Policies can be configured with Geo-IP set to a particular country(s) and have them blocked to achieve this behavior.
Policy-based Settings
To enable Policy-based settings
- When Block connections when Geo IP database is not downloaded and rules need Geo locationis enabled, all connections are dropped when the Geo-IP map database is not downloaded and your policies still need country details.
- When Bypass decryption when Geo IP database is not downloaded and policies need Geo location is enabled, all connections bypass decryption when the Geo-IP map database is not downloaded and your policies still need country details.
Global Settings
To enable Global settings
-
Enable Custom List - This option is disabled by default. Custom lists are sometimes used to correct a false country assignment for an IP address. When the checkbox is selected, Override Firewall Countries by Custom List is made available.
-
Override Firewall Countries by Custom List - This selection is only available when Enable Custom List is enabled. It allows your custom list to override the firewall list where there are differences. Unless you select this Override, the firewall list takes precedence, even when you have enabled a custom list.
- Click Accept to save your settings.
Was This Article Helpful?
Help us to improve our support portal