Something is not working correctly with GEOIP Country Blocking and CB Exceptions in v.9.1.
The attached firewall log shows that e-mail packets are being dropped due to Country Blocking GEOIP restrictions on this Sophos 9.1 box. My understanding is that this should not be happening based on #1 and #2 below.
1. Country Blocking is enabled for all countries with a setting of [FROM], except for two countries which are both turned [OFF].
2. A Country Blocking Exception for all SMTP email is enabled for all countries (except same two listed on #1 above) with the settings [COMING FROM] [ANY] Host or Network to [SMTP 25].
***Edit: the settings above in #2 do not work correctly. See the correct settings further down the page.
The small portion of the firewall log (attached file) shows some example email packets that should be allowed by #2 above. There are actually many more. You can see that the log says it's specifically due to GEOIP restrictions. (Note that the IP, MAC and inbound Ports have been changed)
Question: Why are these packets being dropped for GEOIP Country Blocking? Is this a bug?
This thread was automatically locked due to age.
