Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Troubleshoot Incorrect IP Geolocation in PAN-OS

  1. Last updated
  2. Save as PDF

When PAN-OS maps IP addresses to incorrect geographic locations, it can lead to policy enforcement errors and inaccurate regional reports. This topic explains the causes of such geolocation inaccuracies and provides steps to verify, troubleshoot, and resolve them.

Cause

This issue occurs because PAN-OS uses an internal database to map IP addresses to geographic locations. The database may occasionally become outdated and report incorrect geolocation information.

Workaround

Before submitting a correction request, verify the reported IP address geolocation as follows:

  • Update the PAN-OS content database
    • Run the latest content update to refresh the geolocation database.
  • Validate the IP geolocation using the CLI: 
    > show location ip <ip-address>
  • Cross-check using public lookup tools

Resolution

If the incorrect geolocation persists after the update:

  1. Collect supporting evidence showing the discrepancy between PAN-OS data and public lookup results.
    Include screenshots or reports from:
    • Whois
    • Microsoft
    • ping, traceroute, nslookup
    • Any reputable IP lookup site
  2. Open a TAC case with Palo Alto Networks and provide:
    • Affected IP address(es)
    • Evidence of incorrect location results
    • PAN-OS version and content update version

Palo Alto Networks will verify the data, correct the internal database, and deliver the fix in a future content release. For more details, see https://threatvault.paloaltonetworks.com

Optional
To override the incorrect geolocation immediately, create a custom region in the Web GUI: Objects > Regions

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    This page has no tags.