Configuring an IP reputation block list
Upload the source IP's or CIDRs that you want the ADC to block in the IP reputation block list. When these source IP's try to access the VS, the connection will fail. You can create IP/Netmask or IP Range type block list, back up or restore files.
The content of IP reputation block list file should be coded in ASCII and every line can be a IP netmask or IP address range. There can be 256 IP netmasks or IP address ranges in the file. It looks like this:
192.168.1.1-192.168.1.10
172.16.1.1-172.16.2.100
10.1.1.0/24
20.1.1.0/24
You use the Restore utility to import the file and the Back Up utility to export it. This operation will back up the current restored IP reputation block list, however, it does not back up user-configured entries.
You use the Clean utility to erase entries that were imported from the text file. This operation will erase the current restored IP reputation block list, however, it does not affect user-configured entries.
To create an IP Reputation block list:
- Go to Network Security > IP Reputation.
- Click the IP Reputation Blocklist tab.
- Click Create New and configure a new block list as described in IP Reputation block list.
- Click Save.
| Settings | Guidelines |
|---|---|
|
Status |
Enable or disable the exception. You might have occasion to toggle the exception off and on. |
|
Type |
|
|
IP/Netmask |
If IP/netmask is selected in the Type field above, specify a subnet using the address/mask notation. |
|
Start IP / End IP |
If IP Range is selected in the Type field above, specify the starting address and ending address of the IP range. |