GeoIP Missing from IDS "User Defined" Rules

Started by dcline, May 12, 2020, 04:03:41 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 12, 2020, 04:03:41 AM
Hi All,

I setup a Maxmind account, added the key to the MaxMind URL and then added it to the Firewall Alias GeoIP settings. As per OPNsense instructions, I should go to IDS "User Defined" rules and setup GeoIP blocking rule, however I am missing the GeoIP options completely from the "User Defined" rule settings.

Did I miss something?
May 12, 2020, 04:04:14 PM #1
Quote from: dcline on May 12, 2020, 04:03:41 AM
Hi All,

I setup a Maxmind account, added the key to the MaxMind URL and then added it to the Firewall Alias GeoIP settings. As per OPNsense instructions, I should go to IDS "User Defined" rules and setup GeoIP blocking rule, however I am missing the GeoIP options completely from the "User Defined" rule settings.

Did I miss something?

FWIW, I don't have the geoIP settings in the User Defined section either. 

Are you looking to block based on geoIP data? If so, you can do that via firewall rules after you've created the necessary geoIP alias.
May 12, 2020, 04:11:48 PM #2
That's sort of what I figured since it didn't make sense to me to create a firewall rule and then apply to the IDS - I'll see what I can do with the Firewall. I was following these instructions on setting up GeoIP Blocking via IDS -

https://docs.huihoo.com/m0n0wall/opnsense/manual/how-tos/ips-geoip.html
Print
Go Up Pages1
User actions