Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 749 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

USA country group issue

PeteH

We have an exchange firewall rule that we only allow certain countries as the source.  If someone goes on holiday we add the country and that works but recently we did this with the USA and the person couldn't access their emails or owa.

I couldn't find anything in the logs so in the end changed the source to any to test and sure enough the user could access their emails whilst they were in the USA.

Why would the USA country group not work?  

We are on v19.0.1



This thread was automatically locked due to age.
Parents
  • 0

    Hi  What was the public IP of the end person/user who was unable to access the exchange?

    For that IP have you managed to validate the country on the XG firewall via the below command to confirm whether is it falling in the USA OR another country?

    console> show country-host ip2country ipaddress <ip address>

    https://support.sophos.com/support/s/article/KB-000035611?language=en_US

    If IP belongs to another country on XG then check the IP in the below database to confirm if it falls in the same country or different.

    https://www.maxmind.com/en/geoip-demo

    With all the above outcomes, you may log a support case if IP Is actually from the USA and belongs to another country to take it further. As in workaround along with the USA in the country, add the end user Public IP if it remains fixed. So including USA country IPs, that end public IP will also be able to access exchange.

  • 0 in reply to Vishal_R

    using that command it is saying the public IP is in the united states

  • +1 in reply to PeteH

    Hi If that is the case then it is not country blocking that has denied the request for the end user and some other reason and issue which required investigation by checking TCPDUMP, drop packet of that end user WAN IP on XG CLI to confirm more. If the issue is still reproducible you may collect the same to identify it further and if needed may log a support case to have the next investigation help on it.

Reply
  • +1 in reply to PeteH

    Hi If that is the case then it is not country blocking that has denied the request for the end user and some other reason and issue which required investigation by checking TCPDUMP, drop packet of that end user WAN IP on XG CLI to confirm more. If the issue is still reproducible you may collect the same to identify it further and if needed may log a support case to have the next investigation help on it.

Children
No Data