IP region assignment

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

IP region assignment

L0 Member

PA 500 running PANOS 6.1.2

We have regional blocks in place that block inbound traffic originating from non-US IP's. However, we have discovered a bit of a dilemma.

We have found that an IP such as 137.135.135.1 originates from Ireland and geomaps as such, but according to whois query is registered to MS in Redmond, WA. So, it is allowed through despite the security policy blocking non US traffic.

I have just begun to look for solutions to this and wanted to see if anyone else here had come up with a a fix without me looking to reinvent the wheel.

Thanks in advance.

Jim

3 REPLIES 3

L4 Transporter

Thanks for the response Gregoux, but my situation is kind of the reverse of what the linked discussion addresses.

In my case, the source address is out of say Germany or England, or Ireland, but the IP is registered with ARIN to Microsoft or Amazon. We've tested reflecting from sites outside the US. If the reflecting site uses an IP that is part of MS or AWS's range then even though the signal originates from outside the US, the PA classifies it as from within the US.  I have tried adding custom objects based on Lat/Long, without any changes in results.

I'll keep digging.

Thanks again.

Hi Jim,

Lets say if IP is outside USA and PANW locates it within USA, than you should open a case. They can update information in next content version.

Regards,

Hardik Shah

  • 2587 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!