04-21-2023 11:01 AM
Hello Experts,
I had Russia blocked as GeoFilter in Firepower and policy is deployed successfully.
When I run Packet-tracer command, it showed allow. Is it normal ? Or my Firepower policy is not in place?
Thanks,
Solved! Go to Solution.
04-22-2023 01:04 AM
Geolocation filter blocks the transit traffic through the firewall, not the traffic destined to the firewall itself. Please take a look at this post of mine with some examples:
04-21-2023 07:22 PM - edited 04-21-2023 07:36 PM
@LovejitSingh130013 how you ran packet tracer for geofilter? packet tracer is only looking for IP and not for geolocation. additionally, make sure you have correct service rule to traffic filter.
04-22-2023 01:04 AM
Geolocation filter blocks the transit traffic through the firewall, not the traffic destined to the firewall itself. Please take a look at this post of mine with some examples:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide