Forum Discussion
Peter Holland
May 05, 2023Iron Contributor
IPv6 impossible travel wrong geo-ip data
we are seeing a lot of alerts and reports of impossible travel coming up since the IPv6 support added to 365. In all instances it seems that whatever Defender for Cloud Apps is using to geo-tag the s...
keithmcramer
Jul 20, 2023Copper Contributor
Peter Holland This is not just with Defender for Cloud Apps. I'm seeing it in Sign-In logs in Azure AD. IPv4 is indicating they are in Arlington, VA (where they live), and IPv6 logs says they are in Levittown, New York, US. The only difference is that the Microsoft VPN seems to force IPv6, and I have dozens of folks being reported as accessing our network from Levittown, New York (incorrectly).
It seems the IPv6 is wildly inaccurate across Microsoft's platform. What good are logs if you can't trust them?
PaulL
Jul 21, 2023Brass Contributor
I was locked out of M365 today due to a conditional access policy. My IPv6 was being reported as Los Angeles, CA when it should have been Sydney, AUS
Checking the IPv6 address on https://www.iplocation.net/ seems to be correct, so maybe Microsoft's IP DB is messed up.
Checking the IPv6 address on https://www.iplocation.net/ seems to be correct, so maybe Microsoft's IP DB is messed up.