Skip to main content
Versa Networks

Configure Geolocation Objects

  1. Last updated
  2. Save as PDF

versa-logo-release-icon.pngFor supported software information, click here.

You can use geographic location objects, also called geolocation objects, in the match conditions of Versa Operating SystemTM (VOSTM) policies to filter traffic based on its geographic source or destination. The VOS software provides lists of predefined cities, states (or countries), and regions that you can reference in match conditions. You can define custom geographic locations by creating geographic circles, which consist of a a point and the area enclosed by a circle drawn around that point. You specify the point by its latitude and longitude coordinates, and you specify the size of the circle by a distance.

You can specify geolocation match criteria in rules for the following VOS policies:

  • Application QoS and QoS class of service
  • Layer 2 SD-WAN
  • NGFW authentication, DDoS, decryption, and security
  • Policy-based forwarding (PBF)
  • SD-WAN
  • Secure access gateway and portal
  • Service filter (service chains)
  • Stateful firewall
  • Traffic mirroring
  • Traffic monitoring

This article describes how to configure a geographical circle and to view predefined regions, states, and cities.

View Predefined Regions

The VOS predefined regions are countries. Each country is identified by the English writing of its name, its two-letter country code, and its numerical identifier as defined in the GeoNames database.

To view the predefined geographic regions:

  1. In Director view:
    1. Select the Administration tab in the top menu bar.
    2. Select Appliances in the left menu bar.
    3. Select a device name in the main panel. The view changes to Appliance view.
  2. Select the Configuration tab in the top menu bar.
  3. Select Objects & Connectors > Objects > Predefined > Regions in the left menu bar. The main tab displays the predefined regions.
     

    regions-menu.png

  4. Click on the ID of a region. The View Region window displays.
     

    view-region.png

View Predefined States

The VOS predefined states are provinces and states within countries. Each state is identified by the English writing of its a name to which the two-letter country code is appended, a numeric identifier, a state code to which the two-letter country code is appended, its two-letter country code, and it numeric geocode identifier.

  1. In Director view:
    1. Select the Administration tab in the top menu bar.
    2. Select Appliances in the left menu bar.
    3. Select a device name in the main panel. The view changes to Appliance view.
  2. Select the Configuration tab in the top menu bar.
  3. Select Objects & Connectors > Objects > Predefined > States in the left menu bar. The main tab displays the predefined states.
     

    states-menu.png

  4. Click the name of a state to view details. The View State window displays.
     

    view-state.png

View Predefined Cities

The VOS predefined cities are cities within countries. Each city is identified by the English writing of its a name to which the state code and the two-letter country code are appended, a numeric identifier, a state code to which the two-letter country code is appended, its two-letter country code, and it numeric geocode identifier.

  1. In Director view:
    1. Select the Administration tab in the top menu bar.
    2. Select Appliances in the left menu bar.
    3. Select a device name in the main panel. The view changes to Appliance view.
  2. Select the Configuration tab in the top menu bar.
  3. Select Objects & Connectors > Objects > Predefined > Cities in the left menu bar. The main tab displays the predefined cities.
     

    cities-menu.png

  4. Click the name of a city to view details. The View City window displays.
     

    view-city.png

Configure Custom Geographic Circles

You can configure a custom geographic location by defining a geographic circle. A geographic circle consists of a point and the area enclosed by a circle drawn around that point. You specify the point by its latitude and longitude coordinates, and you specify the size of the circle by a distance.

To configure a custom geographic circle:

  1. In Director view:
    1. Select the Administration tab in the top menu bar.
    2. Select Appliances in the left menu bar.
    3. Select a device name in the main panel. The view changes to Appliance view.
  2. Select the Configuration tab in the top menu bar.
  3. Select Objects & Connectors ;> Objects > Custom Objects > Geo Circles in the left menu bar.
     

    geocircles-menu.png

  4. Click the + Add button in the main pane to add a custom geo circle. In the Add Geo Circle window, enter information for the following fields:
     

    add-geo-circle.png

     
    Field Description

    Name (Required)

    		 Enter a name for the custom geographic circle.
    Description Enter a text description for the geographic circle.
    Latitude (Required) Enter the latitude for the geographic location.
    Longitude (Required) Enter the longitude for the geographic location.
    Radius

    Enter the radius of the circle around the point specified by the latitude and longitude coordinates

    Default: 10

    Value: 0 through 15000
    Distance Unit

    Select the distance unit:

    • Kilometers
    • Miles
    Tag Enter a text string to describe the custom geographic circle object. Click the add-icon-green.PNG Add icon to add the tag. You can add multiple tags.
  5. Click OK.

Apply a Geolocation Object to an Access Policy

You can specify geolocation match criteria in rules for the following VOS policies:

When you are defining a VOS security policy, you can apply a geolocation object in the match criteria of the policy's rule. To define and configure a security access policy, see Configure Security Access Policy Rules.

This sections shows an example of how to add a geolocation object to an NGFW security rule.

  1. In Director view:
    1. Select the Administration tab in the top menu bar.
    2. Select Appliances in the left menu bar.
    3. Select a device name in the main panel. The view changes to Appliance view.
  2. Select the Configuration tab in the top menu bar.
  3. Select Services > Next Gen Firewall > Security > Policies in the left menu bar, and select the Rules tab.
     

    ngfw-rules-tab.png

  4. Select a security access policy rule or click + Add to add a rule. The Edit Rule or Add Rule popup window displays.
  5. Select the Source tab.
     

    ngfw-add-decryption-rule-source-tab.png

  6. Click + Add next to Custom Geo Circle, Region, State, and City to select geolocation objects.
  7. Select the Destination tab.
     

    ngfw-add-decryption-rule-destination-tab.png

  8. Click + Add next to Custom Geo Circle, Region, State, and City to select geolocation objects.
  9. Click OK.

Supported Software Information

Releases 22.1 and later support all content described in this article.