USA country group issue

Hi PeteH What was the public IP of the end person/user who was unable to access the exchange?

For that IP have you managed to validate the country on the XG firewall via the below command to confirm whether is it falling in the USA OR another country?

console> show country-host ip2country ipaddress <ip address>

https://support.sophos.com/support/s/article/KB-000035611?language=en_US

If IP belongs to another country on XG then check the IP in the below database to confirm if it falls in the same country or different.

https://www.maxmind.com/en/geoip-demo

With all the above outcomes, you may log a support case if IP Is actually from the USA and belongs to another country to take it further. As in workaround along with the USA in the country, add the end user Public IP if it remains fixed. So including USA country IPs, that end public IP will also be able to access exchange.

using that command it is saying the public IP is in the united states

Hi PeteH If that is the case then it is not country blocking that has denied the request for the end user and some other reason and issue which required investigation by checking TCPDUMP, drop packet of that end user WAN IP on XG CLI to confirm more. If the issue is still reproducible you may collect the same to identify it further and if needed may log a support case to have the next investigation help on it.

Hi PeteH If that is the case then it is not country blocking that has denied the request for the end user and some other reason and issue which required investigation by checking TCPDUMP, drop packet of that end user WAN IP on XG CLI to confirm more. If the issue is still reproducible you may collect the same to identify it further and if needed may log a support case to have the next investigation help on it.