Alarm for GeoIP bundle sync failure

search cancel

Alarm for GeoIP bundle sync failure

book

Article ID: 370343

calendar_today

Updated On:

Products

VMware vDefend Firewall with Advanced Threat Prevention VMware vDefend Firewall VMware NSX Firewall

Issue/Introduction

Event ID: geoip.bundle_sync_error

Added in release: 9.0.0

Alarm Description

Purpose: Failure to sync the GeoIP bundle
Impact: The GeoIP bundle is used to determine the country that an IPv4 address belongs to. Outdated GeoIP bundle might result in incorrect IP country categorization and inaccurate Geo traffic could be allowed or denied.

Environment

VMware NSX Data Center 9.0

Cause

Internet connectivity issue between NSX manager and NTICS.
Invalid license to download GeoIP bundle.

Resolution

Check if there is a valid license to download GeoIP bundle from NTICS. This can be checked on the NSX Manager UI by going to the System > Licenses page.

With valid licenses in place, use the UI to manually trigger GeoIP bundle download. If the error persists, please ensure that there is internet connectivity from NSX Manager to NTICS by issuing the following API:

POST https://api.nsx-sec-prod.com/1.0/auth/register

{

license_keys:[XXXXX-XXXXX-XXXXX-XXXXX],

device_type:NSX-Edge,

client_id: client_username

}

To temporarily disable the alarm, the user can turn off auto download of GeoIP bundle.

Additional Information

Maintenance window required for remediation?
No

Feedback

thumb_up Yes

thumb_down No