Thank you for posting your query on Microsoft Q&A. PFB answer to your queries below:
- Where does Microsoft obtain or how do they maintain their geolocation data that is used for Azure based platforms? Is it all self maintained or where do they reference? T-Mobile reportedly follows recent common standard for geofeed data publish. Can be seen here raw.githubusercontent.com/tmobile/tmus-geofeed/main/tmus-geo-ip.txt. *ARIN also shows the proper location as US for these IP's.
The location is found using the public IP address a client provides to Azure Active Directory or GPS coordinates provided by the Microsoft Authenticator app. It uses location services like any other application.
When you use a cloud hosted proxy or VPN solution, the IP address Azure AD uses while evaluating a policy is the IP address of the proxy. The X-Forwarded-For (XFF) header that contains the user’s public IP address isn't used because there's no validation that it comes from a trusted source, so would present a method for faking an IP address.
The location found using the public IP address a client provides to Azure Active Directory or GPS coordinates provided by the Microsoft Authenticator app.
- Where\how do customers contact Microsoft to advise them of bad location information for IP's?
You could raise a support ticket to report the issue for immediate assistance and share company portal or authenticator app logs.
Please do let me know if you have any further queries. Also try looking at the fiddler trace for one of the impacted device.
Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.