Hi,
Can you try to deny all the countries in a less priority rule and whitelist the allowed country with higher priority? This way you only need to use 3 custom rules.
Regards,
Msrini
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi,
I have an Azure Application Gateway V2 pointing at a new WAF custom Policy.
In this custom policy I have added a single custom rule to deny access from certain countries.
I have about 15 countries I want to allow access and deny all the other countries.
Adding all the other countries from the pick list to deny I get a message saying 'Only Maximum of 10 geo locations are allowed'
Any idea of what combinations of custom rules I can do to achieve this without an excessive amount of custom rules.
At the moment I would be looking at creating 16 custom deny rules ( 16*10 countries in each rule to get to the 160 country exclude list )
There must be an easier way?
Thanks
Hi,
Can you try to deny all the countries in a less priority rule and whitelist the allowed country with higher priority? This way you only need to use 3 custom rules.
Regards,
Msrini
Thanks Msrini, I came up with the following that seems to work.
Priority 10 - Allow 10 countries (Geo Location Rule)
Priority 20 - Allow 6 countries (Geo Location Rule)
Priority 100 - Deny all that "doe not contain" an arbitrary IP address e.g. 127.0.0.1 (IP Address Match Rule)
Once again thanks J
Hey Jason,
Awesome feedback.
thanks