AWS Web Application Firewall blocks ISP ranges?
Aaron Wendel
aaron at wholesaleinternet.net
Thu Mar 21 18:44:43 UTC 2024
Yes.
our network is a mix of content and eyeballs and they listed the whole
thing. This has prevented the local school district from using their
text to speech application (for their deaf students) as well as others.
This has also affected the local library and residences.
It's a PITA.
Thanks Amazon.
Aaron
On 3/21/2024 12:16 PM, Jonathan Kalbfeld via NANOG wrote:
> Hi All,
>
> I just became aware that AWS has a list of hosting IP providers and
> that list is blocked by their WAF? (!?!?). None of my VM or colo
> customers can reach anything in AWS, such as Docker, Twilio, etc. I
> confirmed through source routing that when I access it using one of my
> peering partners as a source IP it is reachable, but using one of my
> net blocks, it is not reachable and times out. Checked all of my
> routing tables and those AWS blocks are definitely visible. Also
> confirmed from looking glass that my IP ranges are showing up.
>
> Has anyone else encountered that? If so, is there a way to get removed
> from that list? I have a very curated list of clients and I know all
> of them personally and none of them have been abusing AWS, so I was
> wondering if it was some kind of blanket ban?
>
> If you're internal to AWS, my ASN is 54380, IP ranges affected are
> 199.33.244.0/24, 199.79.202.0/24, 199.188.96.0/22, 45.59.144.0/22 and
> 206.197.110.0/24
>
> Feel free to reach out off-list.
>
> Thanks,
>
> Jonathan Kalbfeld
>
> Jonathan Kalbfeld
>
> office: +1 310 317 7933 <tel:%28310%29%20317-7933>
> fax: +1 310 317 7901 <tel:%28310%29%20317-7901>
> home: +1 310 317 7909 <tel:%28310%29%20317-7909>
> mobile: +1 310 227 1662 <tel:%28310%29%20227-1662>
>
> ThoughtWave Technologies, Inc.
> Studio City, CA 91604
> https://thoughtwave.com
>
> View our network at
> https://bgp.he.net/AS54380
>
> +1 844 42-LINUX
>
--
================================================================
Aaron Wendel
Chief Technical Officer
Wholesale Internet, Inc. (AS 32097)
http://www.wholesaleinternet.com
aaron at wholesaleinternet.com
================================================================
More information about the NANOG
mailing list