ASA 5520 IP range block or Country IP block

Answered Question
Sep 24th, 2010
User Badges:


i need help on ASA 5520 and i would like to block countries IP address from the attack, there is any way to block countries ip address or range ip address .



Correct Answer by puseth about 6 years 10 months ago

You can get the country ip blocks from here:-

And then you can implement ACL's to block traffic coming in from these subnet range's.



Correct Answer by Jennifer Halim about 6 years 10 months ago

Here is the URL on how to check what IP Range the countries has:

(NB: pls scroll down to the bottom of the page, choose the country and hit "Submit").

Hope that helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
jdarnellacsmi Tue, 10/07/2014 - 06:48
User Badges:

I've created a script where you chose an authority by selecting in a menu and it'll give you the configuration to drop into the ASA.

You can block or allow a specific region if you want. I'll be upgrading it to do specific countries but now it does authorities like ARIN, RIPE, APNIC, etc.


This Discussion