Google.com incorrectly Geolocated

SOLVED
RickA
Conversationalist

Re: Google.com incorrectly Geolocated

@putt4show Both of your listed websites are working for our organization, and we are full Meraki Cloud deployed. If these websites are not working for you it has to be something other than Meraki.

 

Websites you listed are 

 
putt4show
Here to help

Re: Google.com incorrectly Geolocated

we still have Hong Kong blocked and i don't plan to remove or change our L7 rules. we prtty much are blocking all countries outside of the USA.

 

I'm assuming your probably have made changes to your L7 rules.

MarcAEC
Getting noticed

Re: Google.com incorrectly Geolocated

I've sent this "wish" in multiple times over the last few years.  It feels like "Make a Wish" just goes direct to /dev/null.  😞

StosSpiro
Here to help

Re: Google.com incorrectly Geolocated

@Warren - This exactly what is occurring in my network. This wasn't an issue prior to the GEO IP issue. 

 

StosSpiro_0-1632756256242.png

 

Christos Spiropoulos
MarcAEC
Getting noticed

Re: Google.com incorrectly Geolocated

I believe the vendor is MaxMind.  Here is the lookup tool. 

 

https://www.maxmind.com/en/geoip2-precision-demo

 

I've had good experiences getting MaxMind to correct incorrect locations versus trying to do it through Meraki Support.

 

https://support.maxmind.com/geoip-data-correction-request/

 

Meraki support usually fights with me.  MaxMind will just make the correction. 

putt4show
Here to help

Re: Google.com incorrectly Geolocated

@StosSpiro the 2 websites we're having an issue with still, are the same Securi ones also...

 

although when i checked on Friday the Maxmind database was not showing any results for these 2 websites but this morning they are showing up with results in the database.

putt4show
Here to help

Re: Google.com incorrectly Geolocated

@MarcAEC i tried filling out the form on maxmind website but how do i know what the correct geo location should be?

RickA
Conversationalist

Re: Google.com incorrectly Geolocated

@putt4show 

 

We also block almost every country outside of the United States, and yes we have Hong Kong blocked in our Layer 7 rules. I just wanted to let you know and can confirm, we are able to access both of the websites you listed. I'm certain this seems as though it is a strange coincidence, but Meraki is definitely not blocking those websites and is definitely not seeing those website IPs as China/Hong Kong.

 

POSSIBLE SOLUTION:  Just for the measure of testing, try removing Hong Kong from your Layer 7 rules and save. Then add it back in and save.

StosSpiro
Here to help

Re: Google.com incorrectly Geolocated

We never had any connectivity issues with CCH Axcess prior to this GEO IP debacle. Even though this vendor is still calling on IE, they will be doing away with that come November 30, 2021. I needed to add Singapore to my list of whitelisted countries on those Meraki networks which are not able to reach this SaaS based program. 

 

Also, based off of my case with Meraki that I worked with them last night, when you whitelist a client (Allow List), the SaaS based app is able to load the sign on screen. When reverting it back to the original policy of "Normal", it continues to work! Imagine how tedious it would be do this for X amount of user devices, especially for laptops during the pandemic when users are sporadically getting onto the LAN if ever? 

 

StosSpiro_0-1632757079062.png

 

 

Christos Spiropoulos
MarcAEC
Getting noticed

Re: Google.com incorrectly Geolocated

I use https://www.iplocation.net/ to compare.  It shows the results from 5 different Geo IP databases.  When MaxMind has been wrong, I've used the results from iplocation.net to support my case.

 

For example, the two sites RickA @putt4show  is having trouble with, http://ontargetrange.com/ (192.124.249.67) and https://officesolutions.com/log-in/ (192.124.249.110), are showing as Singapore in MaxMind, but iplocation.net is showing them in the United States in all 5 databases.

Warren
Getting noticed

Re: Google.com incorrectly Geolocated


@MarcAEC wrote:

I've sent this "wish" in multiple times over the last few years.  It feels like "Make a Wish" just goes direct to /dev/null.  😞


While Account Reps and Support claim that "Make a Wish" has an impact on what is developed, there are tons that we have put in that we haven't seen any progress on in 5 years and pretty much don't expect it.  If it's a small UI tweak then I think it's likely.  If it's a functionality request - don't hold your breath.  AnyConnect support (Ikev2) had been wished for years before there was any progress.  

RickA
Conversationalist

Re: Google.com incorrectly Geolocated

@MarcAEC just a small correction, we are not having difficulty reaching the websites outlined. If I recall correctly, it is @putt4show which is unable to reach those websites.

 

As a potential solution, I would suggest temporarily removing Hong Kong and/or Singapore from your Layer 7 "deny" list and saving. Then you can immediately add it back in and save the changes again. Our organization does indeed block both of these country communications, and we can reach those websites today!

GiacomoS
Meraki Employee

Re: Google.com incorrectly Geolocated

Hey awesome people of the community,

 

Thank you for all your comments and feedback here, it is hugely appreciated. 

 

I've seen some of you are still struggling with some websites. Please do reach back out to the Support Team, they are aware of the procedure to get this corrected and will be able to action this for you, but please do keep in mind that it may take a few days to reflect. 

 

If you are unsure whether the IP is geolocated correctly, I'd recommend cross referencing different tools, like for example Maxmind's vs Neustar's or any other lookup tool you can find on the web. 

If you can send this across to the Support team they'll be able to action it without too much investigation. 

 

Regarding the Make a Wish button, I hear you all. I can reassure you that all of the wishes you send across get reviewed regularly and decided upon by our Product Management team, but they are weighted against many more other wishes or issues that we are addressing. They never fall on deaf hears though!

 

Giac

Please keep in mind that what I post here is my personal knowledge and opinion. Don't take anything I say for the Holy Grail, but try and see!
Appreciate who helps and be respectful of every opinion and every solution offered.
Share the love, especially the Meraki one!
putt4show
Here to help

Re: Google.com incorrectly Geolocated

@MarcAEC thanks for the info! actually it's me having the issue with those specific sites and not @RickA but i am sure your feedback will help him also.

 

i'm like 5 years removed from engineering work and mostly am responsible for higher level strategy and planning these days so this technical stuff is not my forte anymore.

 

but lately relying on our IT MSP has been unreliable and untimely!

Warren
Getting noticed

Re: Google.com incorrectly Geolocated


@StosSpiro wrote:

@Warren - This exactly what is occurring in my network. This wasn't an issue prior to the GEO IP issue. 

 

StosSpiro_0-1632756256242.png

 


That is what we found as well - even though it's in the USA according to another source

Warren_0-1632757890784.png

 

Or tracert it.

 

49 ms 33 ms 15 ms ae12.cr2-was1.ip4.gtt.net [89.149.130.157]
20 ms 20 ms 20 ms ip4.gtt.net [173.205.46.86]
20 ms 20 ms 21 ms cloudproxy10022.sucuri.net [192.124.249.22]

 

MaxMind thinks 173.205.46.86 is in Austin TX and 89.149.130.157 is in Germany - so clearly they are wrong.

BrightCloud (WebRoot) says 89.149.130.157  is in Washington State, which lines up with the was1 in the url.

 

All in all though it's been a long time since we have seen major services interrupted by the GeoIP filter.

 

 

 

Warren
Getting noticed

Re: Google.com incorrectly Geolocated


@MarcAEC wrote:

I use https://www.iplocation.net/ to compare.  It shows the results from 5 different Geo IP databases.  When MaxMind has been wrong, I've used the results from iplocation.net to support my case.

 

For example, the two sites RickA @putt4show  is having trouble with, http://ontargetrange.com/ (192.124.249.67) and https://officesolutions.com/log-in/ (192.124.249.110), are showing as Singapore in MaxMind, but iplocation.net is showing them in the United States in all 5 databases.


The SUCURI.net service resolves to 192.124.249.22 - so it seems like maxmind just misclassified that whole block 192.124.249.0/24

 

Warren_0-1632758500534.png

Sucuri seems to be a large player in the WAF / website security space - so not as bad as blocking CloudFlare or Akamai - but still big enough to make a dent.

 

We typically block hong kong and Singapore - and will add them back after this MaxMind issue is resolved.

Warren
Getting noticed

Re: Google.com incorrectly Geolocated


@StosSpiro wrote:

Also, based off of my case with Meraki that I worked with them last night, when you whitelist a client (Allow List), the SaaS based app is able to load the sign on screen.

 


This and packet captures from the client is how we troubleshoot things like these as well.  Just remember to move the client back to Normal and not leave them on Whitelist.

MarcAEC
Getting noticed

Re: Google.com incorrectly Geolocated

@GiacomoS,

 

If something sits in a queue for years, it's the same as being ignored.  All of NordOps's suggestions are good and should be moved to the top of the list. 

 

https://community.meraki.com/t5/Security-SD-WAN/Google-com-incorrectly-Geolocated/m-p/129887/highlig...

 

Many of us have requested #1 and #2 years ago.  Years = deaf ears.

putt4show
Here to help

Re: Google.com incorrectly Geolocated

@MarcAEC i got a quick response from MaxMind, within a couple of hours that the issue should be fixed in their database "next Tuesday" hopefully that means tomorrow. thanks again for your help!

 

 

Dear Requester,

We have reviewed and accepted your correction for IP range https://protect-us.mimecast.com/s/LNsiCKrG6YS7NBXuMnKkV?domain=192.124.249.0. The corrected data should appear in next Tuesday’s update. We will not send additional confirmation emails for separate corrections (you have submitted) that are accepted within the next 24 hours.

You may check whether your correction was applied via our database or web service online demos:

If you have any questions please contact us at correction@maxmind.com.

Sincerely,
The Team at MaxMind

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels