cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Why does the wrong flag show up for an IP address in GeoBlocking?

I've seen an interesting behavior in our 80.10 infrastructure.

We use GeoBlocking and many times we'll see where the firewall is dropping the traffic due to a GeoBlock.  But, it posts the wrong country's flag next to the IP address.

In the attachment, you'll see 13.75.126.169 being marked with an American flag.  However, the destination country is marked as HKG.

Checking the MaxMind GeoIP2 City Database does indeed note the IP is registered to Hong Kong.

MSFT is the owner of the IP block.

So, is the firewall log telling me that the IP is owned by a US company, but assigned in another country?

2 Replies
Admin
Admin

Re: Why does the wrong flag show up for an IP address in GeoBlocking?

That doesn’t sound like correct behavior.

Have you opened a TAC case?

0 Kudos

Re: Why does the wrong flag show up for an IP address in GeoBlocking?

Yes, spoke with TAC.

They believe that because the netblock is owned by MSFT, the firewall is showing that as owned by an American company while the network is assigned to another country.  Hence the 2 flags.

It kinda, sorta makes sense.  Just weird to see it like that when you're troubleshooting.