This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM country blocking - blocking geo allowed IP

Greetings,

My utm firewall is for some reason blocking a US based cloudfare IP for Discord. This started a couple days ago I think. 

I of course don't have the US blocked in country blocking, but the country blocking rule is blocking it.. Here is some data for this. I think this may be some sort of FP perhaps??

From the Shell:

geoiplookup 162.159.135.232
GeoIP Country Edition: US, United States

From the network logs:

2023:04:04-10:41:23 bouncerasg ulogd[13546]: id="2021" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped (GEOIP)" action="drop" fwrule="60019" initf="lag0" outitf="eth5" srcmac="" dstmac="" srcip="<mypc>" dstip="162.159.135.232" proto="17" length="1378" tos="0x00" prec="0x00" ttl="127" srcport="63248" dstport="443"

From the UI:

I know I can just exclude the IP, but why is the firewall doing this?!?!

Thanks,
Chris



This thread was automatically locked due to age.
Parents
  • +1 with this problem.


    Version 9.714-4, but also had it on the last Version, just upgraded to test if its the version.

    Only disabling the whole Country Blocking helps.
    Setting the affected country to any value "all, from, to, off" does not make any difference.

Reply
  • +1 with this problem.


    Version 9.714-4, but also had it on the last Version, just upgraded to test if its the version.

    Only disabling the whole Country Blocking helps.
    Setting the affected country to any value "all, from, to, off" does not make any difference.

Children
No Data