Geo-IP Blocking Overview
The Geo-IP Blocking feature allows you to block access to your server from specific countries.
You may choose one or multiple countries to block and RdpGuard will keep them from accessing your server.
It will download the list of updated IP ranges each 24 hours and update the blocking rules accordingly.
To enable Geo-IP Blocking
1. Click Tools, Options
Open Tools, Options, Geo-IP
The RdpGuard Options dialog will open.
Check Enable Geo-IP blocking
2. Switch to the Geo-IP tab and check Enable Geo-IP blocking
3. Click Add, the Add Country dialog will open
The Add Country dialog
4. Select the country you want to block and click Add
5. Repeat steps 3-4 if necessary (but keep the list short)
6. Click Save to close options and save changes.
RdpGuard service will be restarted.
Known restrictions and limitations
Keep the list of blocked countries short
Some country IP blocks may contain thousands of entries and adding many countries may result in
large list of blocked IP addresses, which may cause performance issues. Keep the list of blocked countries short.
This feature is not designed for use cases like:
allow access only for one country and block other countries.
It may work slow with the IP Security Policies blocking method
As you probably know, RdpGuard supports 3 blocking methods for now - Windows Filtering Platform (1),
which is default and recommended blocking method and Windows Firewall (2) and IP Security Policies (3) - for backward compatibility.
The IP Security Policies blocking method is a way slower than others.
You may notice this when blocking large sets of IP addresses like country IP blocks.
We do not recommend to use the Geo-IP Blocking feature with the IP Security Policies blocking method.