Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
EricH
Participant
Jump to solution

ERROR: Geolocation DB incorrect for owned IP Space

Hello, I hope this is the correct place to post. 

 

Unfortunately I am not a Checkpoint direct customer but I work for a National Healthcare Organization where many of the other entities we interact with appear to be.  Also unfortunate is that there appears to be a mistake in the Checkpoint Geo DB which is classifying our owned IP space of 208.83.39.0/24 to be originating from Spain rather than the actual location of the United States.

Checkpoint Telephone support has confirmed the same and also that the source, Maxmind, has our IP space correctly Geo located in the United States, however was not able to assist with resolving it in the Checkpoint system as we do not have an active contract for our company.  Otherwise they were very helpful in confirming.

 

My reference Service Request Number is: 6-0003565687

 

I have searched this forum and saw that there have been other instances where this has happened and was resolved quickly, though I understand they were paying customers.  Appreciate any help or direction, thank you.

0 Kudos
1 Solution

Accepted Solutions
_Val_
Admin
Admin

@EricH Just a short update.

I reached out internally to the relevant team, and they told me just a moment ago that the issue is now resolved. Please check with your customers and confirm.

Once again, apologies for the nuisance. 

View solution in original post

26 Replies
_Val_
Admin
Admin

If you have a customer or partner whose own Check Point systems are affected by this issue, ask them to open a service request with TAC

EricH
Participant

Hi Val, thank you and also the_rock for responding.  I did receive the same recommendation from TAC, however many of the entities we are attempting to connect with are government based and instead will one by one whitelist our connection attempts.  I will see if I have any options through our partners but I was hoping that this was something Checkpoint could correct similar to a URL misclassification which appears to be a public facing option.

0 Kudos
_Val_
Admin
Admin

I understand the frustration, but the only proper way to address this is through TAC.

0 Kudos
EricH
Participant

Agreed.. I am exploring all options as our most responsive company counterparts appear to not have CheckPoint support options.

0 Kudos
the_rock
Legend
Legend

If I were you, I would see if maybe local Check Point SE can open the case themselves and have someone internally chase this. I found in the past that to be the best option if you cannot open the case yourself.

 

0 Kudos
EricH
Participant

Not sure if that is an option as we don't use Check Point products.  I did reach out to our national IT equipment distributer to see if they can help us out.

0 Kudos
_Val_
Admin
Admin

@EricH Just a short update.

I reached out internally to the relevant team, and they told me just a moment ago that the issue is now resolved. Please check with your customers and confirm.

Once again, apologies for the nuisance. 

EricH
Participant

Oh wow, this would be great, thank you, I will try to confirm!

 

I'm not familiar with Check Point Firewall GeoDB update process, is it as available generally?

 

Thank you !

 

 

0 Kudos
_Val_
Admin
Admin

It should be. 


0 Kudos
EricH
Participant

Awesome, thank you so much!

EricH
Participant

This is resolved, thank you !

the_rock
Legend
Legend

Great news! 👍

0 Kudos
G_W_Albrecht
Legend
Legend

Not even took a whole week 😎

CCSE CCTE CCSM SMB Specialist
the_rock
Legend
Legend

@_Val_ to the rescue ✔

By the way, I found with literally every major vendor, this takes most 3 business days.

0 Kudos
_Val_
Admin
Admin

Not sure I understand your comment. Not sure I even want to.

(1)
the_rock
Legend
Legend

Nothing to understand really. Its simply stating what I know, but same happened here as well. I think it was actually less than that, it was 2 business days to sort the issue. Most important thing its fixed 🙂

0 Kudos
the_rock
Legend
Legend

Let us know if it worked, hope it wont take too long to update. Maybe have them install policy just to be on the safe side. And also install database on the management, not sure if its needed, but thats pretty quick.

0 Kudos
EricH
Participant

Fingers crossed!

Will update once I am able to confirm.  

 

Thank you again all!

the_rock
Legend
Legend

Im very hopeful 💪👍

0 Kudos
the_rock
Legend
Legend

Hopefully TAC can help as there is already an active case. Yes, you are right, it shows USA on every site I checked. Now, in the meantime, you can try below (it does need cpstop/cpstart on the mgmt)

https://community.checkpoint.com/t5/API-CLI-Discussion/One-liner-to-update-IpToCountry-data-on-Secur...

Andy

G_W_Albrecht
Legend
Legend

Should be resolved quickly ! One week maximum.

CCSE CCTE CCSM SMB Specialist
the_rock
Legend
Legend

Thats usually my experience as well.

0 Kudos
EricH
Participant

Hi G_W_Albrecht, do you mean once support issues a corrected DB or automatically regardless?  From what I can tell this issue started for us last week on 3/8 and I do not see the IP space as being historically incorrect in Maxmind so I'm not sure if it will auto-resolve as it may be an error on the Checkpoint DB itself.

0 Kudos
G_W_Albrecht
Legend
Legend

I have had customers with the same issue, Maxmind is correct but CP DB not - as soon as CP is told of the error, they will update their DB at the next update process ! As CP only does weekly updates it should be resolved in 7 days max...

CCSE CCTE CCSM SMB Specialist
0 Kudos
EricH
Participant

Got it, thank you.  I did inform them via TAC and asked for a curtesy escalation, fingers crossed there.

I will be asking any of our 3rd parties which appear to have a CheckPoint to entertain opening a case on our behalf as well, this is pending response.

0 Kudos
the_rock
Legend
Legend

Good idea @EricH 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events