Geo-IP Blocking Overview
The Geo-IP Blocking feature allows you to block access to your server from specific countries.
You may choose one or multiple countries to block and RdpGuard will keep them from accessing your server.
It will download the list of updated IP ranges each 24 hours and update the blocking rules accordingly.
To enable Geo-IP Blocking
1. Click Tools, Options
Open Tools, Options, Geo-IP
The RdpGuard Options dialog will open.
2. Switch to the Geo-IP tab and check Enable Geo-IP blocking
Check Enable Geo-IP blocking
3. Click Add
The Add Country dialog will open
The Add Country dialog
4. Select the country you want to block and click Add
5. Repeat steps 3-4 if necessary (but keep the list short)
6. Click Save to close options and save changes.
RdpGuard service will be restarted.
Known restrictions and limitations
Keep the list of blocked countries short
Some country IP blocks may contain thousands of entries and adding many countries may result in
large list of blocked IP addresses, which may cause performance issues. Keep the list of blocked countries short.
This feature is not designed for use cases like:
allow access only for one country and block other countries.
It may work slow with the IP Security Policies blocking method
As you probably know, RdpGuard supports 2 blocking methods for now - Windows Firewall,
which is default and recommended blocking method and IP Security Policies - for cases when you can not use Windows Firewall.
The IP Security Policies blocking method is a way slower than the Windows Firewall.
You may notice this when blocking large sets of IP addresses like country IP blocks.
We do not recommend to use the Geo-IP Blocking feature with the IP Security Policies blocking method.
We are working on the solution and plan to resolve this in future releases.