I have created GEO blocking policy on top of the policies , I have blocked Russia specifically. But the following ip from Russia 22.214.171.124 , As per GEO blocking policy its not blocked. I already enabled match-vip on this policy.
Please help why Fortinet not able to block the geo block correctly
Firewall Policy handles traffic coming in one interface and going out another interface. Local-in Policy handles traffic hits the FGT itself like IPsec, SSL VPNs, and other FGT initiated traffic's returns.
Did you put the your GEO blocking policy in the local-in-policy? Or firewall policy?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.