Geofeed IP Location Reference that Microsoft Uses and How to Report Incorrect Location

Shannon H 45 Reputation points
2023-05-02T13:20:37.3666667+00:00

We have identified a range of IP's that T-Mobile USA owns and legitimately has published as a US location, but Microsoft (Azure) is showing an incorrect location of Shanghai, China. This is causing frustration and issues for our users that are subject to our US only conditional access policies if they happen to have T-Mobile service. At least one of the IP ranges is 172.59.72.0/21.

This bring up 2 questions as we have tried many avenues to beg for the location info to be updated.

  1. Where does Microsoft obtain or how do they maintain their geolocation data that is used for Azure based platforms? Is it all self maintained or where do they reference? T-Mobile reportedly follows recent common standard for geofeed data publish. Can be seen here raw.githubusercontent.com/tmobile/tmus-geofeed/main/tmus-geo-ip.txt. *ARIN also shows the proper location as US for these IP's.
  2. Where\how do customers contact Microsoft to advise them of bad location information for IP's?

Most legit IP lookup\whois sites are showing the proper US-MO,Kansas City location for those IP's, but not Microsoft and a couple of others like IPStack.com We have already sent ipstack.com a message and hoping they will adjust just in case that is one of Microsoft's trusted feed sources.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,549 questions
{count} vote

1 answer

Sort by: Most helpful
  1. Akshay-MSFT 17,656 Reputation points Microsoft Employee
    2023-05-03T11:15:24.3833333+00:00

    @Shannon H ,

    Thank you for posting your query on Microsoft Q&A. PFB answer to your queries below:

    1. Where does Microsoft obtain or how do they maintain their geolocation data that is used for Azure based platforms? Is it all self maintained or where do they reference? T-Mobile reportedly follows recent common standard for geofeed data publish. Can be seen here raw.githubusercontent.com/tmobile/tmus-geofeed/main/tmus-geo-ip.txt. *ARIN also shows the proper location as US for these IP's.

    The location is found using the public IP address a client provides to Azure Active Directory or GPS coordinates provided by the Microsoft Authenticator app. It uses location services like any other application.

    When you use a cloud hosted proxy or VPN solution, the IP address Azure AD uses while evaluating a policy is the IP address of the proxy. The X-Forwarded-For (XFF) header that contains the user’s public IP address isn't used because there's no validation that it comes from a trusted source, so would present a method for faking an IP address.

    The location found using the public IP address a client provides to Azure Active Directory or GPS coordinates provided by the Microsoft Authenticator app.

    1. Where\how do customers contact Microsoft to advise them of bad location information for IP's?

    You could raise a support ticket to report the issue for immediate assistance and share company portal or authenticator app logs.

    Please do let me know if you have any further queries. Also try looking at the fiddler trace for one of the impacted device.

    Thanks,

    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.

    0 comments No comments