Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
pbangari
Staff
Staff

Created on ‎08-22-2023 02:57 AM

Article Id 269742

Technical Tip: Registered location and physical location of IP addresses

Description This article describes the differences between using the registered location or the physical location of IP addresses. This helps configure a correct firewall policy configuration based on requirements.
Scope FortiGate.
Solution

Fortinet has deployed looking-glass servers all over the world to aid in locating physical IP addresses.

 

The physical location of the IP address is determined by measuring the looking glass server's latency to the target IP address.

In some scenarios, Geo-IP-based firewall policies do not work as expected. This may be because an IP address is being used in a different country than the previously registered country.

 

Showing the actual geographic location of the IP is very important in a variety of fields ranging from location-based services to malware detection. However, the Fortinet database also includes the registration country data separately from geographic/physical location data. 

Use the following commands to set up the required configuration:

 

config firewall policy

edit

set geoip-match

next

end

 

Capture.PNG

 
272
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.