Re: AWS Web Application Firewall blocks ISP ranges?

Fri, 22 Mar 2024 07:11:20 -0700

Endured a similar problem last year. The company I was with migrated prod to Global Accelerator, ALBs, and WAF with Shield Advanced on an accelerated timeline. Several of our customer networks were blocked in AWS's default blocklists.
The path to resolution was meeting with our AWS account executive and their internal WAF team to expedite the removal of the addresses. 

-G

On 2024-03-21 18:44, Aaron Wendel wrote:

Yes.


our network is a mix of content and eyeballs and they listed the whole 
thing.  This has prevented the local school district from using their 
text to speech application (for their deaf students) as well as 
others.  This has also affected the local library and residences.


It's a PITA.

Thanks Amazon.

Aaron


On 3/21/2024 12:16 PM, Jonathan Kalbfeld via NANOG wrote:

Hi All,


I just became aware that AWS has a list of hosting IP providers and 
that list is blocked by their WAF? (!?!?).  None of my VM or colo 
customers can reach anything in AWS, such as Docker, Twilio, etc.  I 
confirmed through source routing that when I access it using one of my 
peering partners as a source IP it is reachable, but using one of my 
net blocks, it is not reachable and times out.  Checked all of my 
routing tables and those AWS blocks are definitely visible.  Also 
confirmed from looking glass that my IP ranges are showing up.



Has anyone else encountered that? If so, is there a way to get removed 
from that list? I have a very curated list of clients and I know all 
of them personally and none of them have been abusing AWS, so I was 
wondering if it was some kind of blanket ban?



If you're internal to AWS, my ASN is 54380, IP ranges affected are 
199.33.244.0/24, 199.79.202.0/24, 199.188.96.0/22, 45.59.144.0/22 and 
206.197.110.0/24


Feel free to reach out off-list.

Thanks,

Jonathan Kalbfeld

Jonathan Kalbfeld

office: +1 310 317 7933 <tel:%28310%29%20317-7933>
fax: +1 310 317 7901 <tel:%28310%29%20317-7901>
home: +1 310 317 7909 <tel:%28310%29%20317-7909>
mobile: +1 310 227 1662 <tel:%28310%29%20227-1662>

ThoughtWave Technologies, Inc.
Studio City, CA 91604
https://thoughtwave.com

View our network at
https://bgp.he.net/AS54380

+1 844 42-LINUX

























					Reply via email to