Hi @Fagani ,
We have option in Palo Alto to configure security policy based on source and/or destination region / countries / Geo-Location where you can define action (allow/deny) against same based on your requirement. If you want to allow traffic from one specific region & block rest, then you can have two policies where one will allow traffic from one region and other policy you will have to configure below allowed one. This second policy will block traffic from unwanted region.
We do it in a Geo Location Deny rule (just what we have called it) and use the negate option to deny all traffic that isn't in the regions added from the outside to inside. We also use regions on inside to outside traffic although you have to be careful as many of the content providers now have datacenters in various countries. We are using Deny.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!