>
    Block Incoming Connections from Specific Countries
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma Access
    3. Prisma Access Advanced Deployments
    4. Block Incoming Connections from Specific Countries
    Download PDF
    Prisma Access

    Block Incoming Connections from Specific Countries

    Table of Contents

    Block Incoming Connections from Specific Countries

    Use
    Prisma Access allows you to create security policy rules to block login attempts for Remote Network, Mobile Users—GlobalProtect, and Mobile Users—Explicit Proxy deployments from countries you specify. Prisma Access blocks incoming connections from the countries you specify based on the geo location information from the source IP address of the client.
    To block incoming connections from these countries, complete the following task.
    1. Create a security policy pre rule using one of the specific rule names:
      Be sure that you configure this rule as a pre rule.
      • To block a country for Mobile Users—GlobalProtect deployments, create a rule named Mobile_User_EMBG_Source_Countries.
      • To block a country for Mobile Users—Explicit Proxy deployments, create a rule named Explicit_Proxy_EMBG_Source_Countries.
      • To block a country for Remote Network deployments, create a rule named Remote_Network_EMBG_Source_Countries.
    2. Add a Tag for the rule named PA_predefined_embargo_rule.
    3. Add one or more countries to block in the Source.
    4. Specify an Action of Drop.

    © 2024 Palo Alto Networks, Inc. All rights reserved.