Enable Tor Exit Node Blocking in a Policy

When you enable the Tor Exit Node Blocking service (Fireware v12.8.1 and higher and Fireware v12.5.10 and higher), Tor Exit Node Blocking is automatically enabled for all policies. If you want more control over the types of connections the Firebox denies, you can enable or disable Tor Exit Node Blocking for a specific policy in the policy settings.

Tor Exit Node Blocking blocks inbound Tor exit node traffic only. It does not block outbound traffic from the Firebox to Tor exit nodes. If you want to block outbound Tor exit node traffic, use Application Control. For more information, go to Application Control.

If Tor exit node traffic originates from a country that you block with the Geolocation service, Tor Exit Node Blocking blocks the Tor exit node traffic, not the Geolocation service.

You must globally enable the Tor Exit Node Blocking service before you can enable or disable Tor Exit Node Blocking for a policy.

  1. Select Firewall > Firewall Policies.
  2. Click a policy.
  3. Select the Settings tab.

Screenshot of the Settings tab in the HTTP-proxy policy

  1. Select the Enable Tor Exit Node Blocking check box.
  2. Click Save.
  1. Double-click a policy.
    The Edit Policy Properties dialog box opens.

Screenshot of the Edit Policy Properties dialog box Policy tab

  1. Select the Enable Tor Exit Node Blocking check box.
  2. Click OK.
  1. Select Firewall > Firewall Policies.
  2. Click a policy.
  3. Select the Settings tab.
  4. Clear the Enable Tor Exit Node Blocking check box.
  5. Click Save.
  1. Double-click a policy.
    The Edit Policy Properties dialog box opens.
  2. Clear the Enable Tor Exit Node Blocking check box.
  3. Click OK.

Related Topics

About Tor Exit Node Blocking

Configure Tor Exit Node Blocking

Configure the Tor Exit Node Blocking Update Server