Layer 7 GEO IP false positive blocking

AVIF
Here to help

Received this message from support about certain websites not being reachable:

"There may have been recent problematic geoIP updates released by MaxMind today, resulting in unexpected L7 Firewall rule blocks that were not present before"

I was able to temporarily fix this by removing my Layer 7 country-blocking.

Did anyone else have this issue?

BlakeRichardson
Kind of a big deal

No, but what were the problematic countries?

IvanJukic
Meraki Employee

Hi Avif,

I've seen this a number of times in the distant past when content providers and such have incorrect GeoIP records. I would suggest contacting Meraki Support for further assistance with this issue.

Cheers,

Ivan

Malwina
Meraki Employee

Hi All!
As per what you have seen in the e-mail from Meraki, this is a known and ongoing issue.

MaxMind might have published some geoIP updates recently that are causing the unexpected L7 Firewall rule blocks where there weren't any previously. We cannot do anything about this from our end.

@BlakeRichardson, we cannot pinpoint a specific country/countries that would have this issue for GeoIP lookups at this moment; the main point here is to be aware of this behaviour if you see anything out of the ordinary that could be related to L7 rules in your networks.

As always, if you encounter issues and need a more detailed look into this, please contact Meraki Support for further assistance; we'll be happy to help 🙂
We hope this will be resolved soon!

Our org has reached out to Meraki and has been given no more guidance on the issue or acknowledgement of its relation to Meraki geoblocking. It has been more or less a rhetorical loop with Meraki support stating they have nothing to do with the issue, despite knowing that Meraki hands off its geolocating to MaxMind.

Meraki's response after I reopened a ticket they closed:

There have been no updates on our end because this issue is not related to Meraki. We are unable to address this matter from our end as it pertains to MaxMind, and they will need to resolve it on their end if you're still encountering any issues on your end.

If you're looking to know more details on what is/isn't blocked, why, which specific rule, etc., Meraki Support can help with finding out. Meraki Support cannot resolve the issue itself. Hope this makes sense 🙂

jbright
A model citizen

I could not reach cisco.com from Oklahoma until I removed the Hong Kong country from my layer 7 rules.

I'm pretty sure the closest Akamai Edge node to Oklahoma is not in Hong Kong.

It took me several hours on Tuesday to figure this out because some geolocation services were correct and others were not.

I finally found one of the bad geolocation services that showed the IP address in Hong Kong.

As soon as I removed that country, I could reach cisco.com again.

Very frustrating.
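
The cross-check described in the post above (comparing several geolocation sources for one destination IP against the blocked-country list), as an added example that is not part of the original thread or any Meraki tooling. The source names, the IP addresses (documentation ranges), the country results, the KP entry and the verdict labels are all constructed for illustration.

```python
from collections import Counter

# Constructed sample data: country codes in the L7 country-block rule, and the
# country each (hypothetical) geolocation source returned for a destination IP.
BLOCKED = {"HK", "KP"}
LOOKUPS = {
    "192.0.2.10":   {"db_a": "US", "db_b": "US", "db_c": "HK"},
    "198.51.100.7": {"db_a": "HK", "db_b": "HK", "db_c": "HK"},
    "203.0.113.5":  {"db_a": "US", "db_b": "DE", "db_c": "US"},
    "192.0.2.44":   {"db_a": "HK", "db_b": "US"},
}


def triage(blocked, lookups):
    """Classify each IP by how its per-source countries relate to the block list."""
    report = {}
    for ip, by_source in lookups.items():
        votes = Counter(by_source.values())
        consensus, count = votes.most_common(1)[0]
        # Sources that place this IP in a country the rule blocks.
        hits = {src: cc for src, cc in by_source.items() if cc in blocked}
        if not hits:
            verdict = "clear"
        elif len(hits) == len(by_source):
            verdict = "blocked-as-intended"      # every source agrees
        elif consensus not in blocked and count > len(by_source) / 2:
            verdict = "suspect-false-positive"   # a minority source disagrees
        else:
            verdict = "ambiguous"                # no clear majority either way
        report[ip] = {"verdict": verdict, "consensus": consensus,
                      "blocking_sources": hits}
    return report


def rules_to_review(report):
    """Country codes whose rule matches at least one suspect IP."""
    return sorted({cc for entry in report.values()
                   if entry["verdict"] == "suspect-false-positive"
                   for cc in entry["blocking_sources"].values()})


if __name__ == "__main__":
    result = triage(BLOCKED, LOOKUPS)
    for ip, entry in result.items():
        print(ip, entry["verdict"], entry["blocking_sources"])
    print("country rules to review:", rules_to_review(result))
```
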
