In March 2025, the IPv4 Geolocation database grew to a size that is larger than Fireware can load for use in policies. 

As a result, customers who recently upgraded to Fireware 12.11 or 12.11.1 can experience these symptoms:

• Geolocation lookup utilities available in Fireware Web UI and Policy Manager return "unknown" for all IPv4 lookups.
• IP addresses are misclassified or show the incorrect geographic location.
• Policies with Geolocation enabled no longer block IPv4 connections from blocked countries.
• Fireware traffic logs no longer show the geo_src and geo_dst tags.

These symptoms occur only after a Firebox reboot or Fireware upgrade.

Note: A similar, related issue affects Fireware v12.10.4 and lower. For more information, go to this Known Issue.

Upgrade to Fireware v12.11.1 Update 1 or higher.