AWS Web Application Firewall blocks ISP ranges?
Jonathan Kalbfeld
jonathan at thoughtwave.com
Thu Mar 21 17:16:27 UTC 2024
Hi All,
I just became aware that AWS has a list of hosting IP providers and that list is blocked by their WAF? (!?!?). None of my VM or colo customers can reach anything in AWS, such as Docker, Twilio, etc. I confirmed through source routing that when I access it using one of my peering partners as a source IP it is reachable, but using one of my net blocks, it is not reachable and times out. Checked all of my routing tables and those AWS blocks are definitely visible. Also confirmed from looking glass that my IP ranges are showing up.
Has anyone else encountered that? If so, is there a way to get removed from that list? I have a very curated list of clients and I know all of them personally and none of them have been abusing AWS, so I was wondering if it was some kind of blanket ban?
If you're internal to AWS, my ASN is 54380, IP ranges affected are 199.33.244.0/24, 199.79.202.0/24, 199.188.96.0/22, 45.59.144.0/22 and 206.197.110.0/24
Feel free to reach out off-list.
Thanks,
Jonathan Kalbfeld
Jonathan Kalbfeld
office: +1 310 317 7933 <tel:%28310%29%20317-7933>
fax: +1 310 317 7901 <tel:%28310%29%20317-7901>
home: +1 310 317 7909 <tel:%28310%29%20317-7909>
mobile: +1 310 227 1662 <tel:%28310%29%20227-1662>
ThoughtWave Technologies, Inc.
Studio City, CA 91604
https://thoughtwave.com <https://thoughtwave.com/>
View our network at
https://bgp.he.net/AS54380 <https://bgp.he.net/AS54380>
+1 844 42-LINUX
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20240321/e0539931/attachment.html>
More information about the NANOG
mailing list