I'm a newbie regarding Fortinet products, so forgive me if I ask something silly :)
When I hit an innocuous website like
www.newsweekjapan.jp
I get fortinic firewall notification that access was blocked by firewall policy 15.
I then check policy ID 15
It's named GEOBLOCK
It has for destinations two address groups
'GEO IP FILTER'
and
'BLOCKED-IPs-Group'
The first group does contain "Japan" (why it would is a mystery to med at the moment)
The 2nd does not contain the ip address (block) of Newsweekjapan
So yeah.. Seems all Japan ip/sites are blocked right?
Yet random *.jp sites I tried in chrome come up just fine
I found no exceptions that would seem to allow some jp sites through but not others
Confused
Solved! Go to Solution.
Hello,
It is possible verify on FortiGate side to which country certain IP address belongs to (i.e. diagnose geoip geoip-query <public ip>). Please find more details below:
Hello,
It is possible verify on FortiGate side to which country certain IP address belongs to (i.e. diagnose geoip geoip-query <public ip>). Please find more details below:
Thank You for the reply.
I will look at the link.info you shared!
Thanks again!
No worries, everyone starts somewhere! Understanding firewall policies and Fortinet products can be a bit overwhelming at first, but I'll try to help clarify the situation for you.
From what you described, it appears that Fortinet's firewall policy 15, named 'GEOBLOCK,' is designed to block access to certain destinations based on their geographic location. It uses two address groups: 'GEO IP FILTER' and 'BLOCKED-IPs-Group.' The 'GEO IP FILTER' group contains the "Japan" entry, which means it's blocking access to websites originating from Japan.
The reason you see a block message when trying to access newsweekjapan.jp is that it falls under the "Japan" category and is blocked by the firewall policy 15.
The Fortinet firewall policy is blocking access to some *.jp sites, including many other websites. Check the firewall policy settings for misconfigurations, conflicting policies, and exceptions. Ensure the website is correctly categorized and consider testing with different browsers. If the issue persists, seek assistance from Fortinet support or their community forums.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1736 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.