Ask Your Question

Are there blacklisted IP ranges for some AWS services?

asked 2020-01-27 14:20:05 -0600

We updated some of our infrastructure that we use to pull data from several RETS servers. Since making the change, we are getting errors that we believe are due to the IP of origin of the requests. When we use the same credentials from a local machine, they work.


edit retag flag offensive close merge delete


Are you saying you are using AWS to do the pulls and it doesn't work?
But when you do the same pulls locally with the same RETS URLs they work?
If so, can you give me a few AWS IP addresses that I can have network check?

bwolven gravatar imagebwolven ( 2020-01-27 14:25:48 -0600 )edit

Correct. They fail when our requests originate from our AWS setup and the same calls work locally when testings one off.

cduquette gravatar imagecduquette ( 2020-01-27 14:28:03 -0600 )edit

Did you try using the RETS Login URL in a browser on the AWS server and see if you get the login prompt?

bwolven gravatar imagebwolven ( 2020-01-27 14:59:06 -0600 )edit

Haven't tested that way; we will try. This is en existing setup of scheduled jobs and calls that worked seamlessly for all of the noted MLSs' RETS servers until yesterday afternoon when we changed to a new server with new IPs for our traffic. Local logins and pulls via browser work; and, if we use the old infrastructure, then they also work.

Is there anything to indicate that some IPs are blacklisted?

Thanks for your time and support in investigating this.

cduquette gravatar imagecduquette ( 2020-01-27 15:14:47 -0600 )edit


Locally: Successful. Full expected RETS response.

From new AWS server: "401 - Unauthorized: Access is denied due to invalid credentials."

cduquette gravatar imagecduquette ( 2020-01-27 15:26:38 -0600 )edit

Update: Digest Auth works locally and on our old system. Digest Auth fails with the new system. Basic Auth does work on the new system.

cduquette gravatar imagecduquette ( 2020-01-27 15:31:15 -0600 )edit

Are you using HTTPS or HTTP login URLs?
Paragon RETS requires Basic with HTTPS and Digest with HTTP..

bwolven gravatar imagebwolven ( 2020-01-27 15:33:39 -0600 )edit

We have been trying to use HTTP and digest auth. That is what appears not to work on new setup.

cduquette gravatar imagecduquette ( 2020-01-27 16:11:11 -0600 )edit

What are you using to connect?

bwolven gravatar imagebwolven ( 2020-01-28 10:35:45 -0600 )edit

We think this is an issue between the HTTP Proxy being used for our outbound traffic from this system and how paragon has implemented digest auth. We continue to investigate on our side. I will post when there is some clarity on what might be happening on our end.

cduquette gravatar imagecduquette ( 2020-01-28 11:48:17 -0600 )edit

One thing we did find through trying to use HTTPS with Basic auth is that two of the MLS sites have certificates that throw errors: "None of the common names in the certificate match the name that was entered."

cduquette gravatar imagecduquette ( 2020-01-28 15:22:15 -0600 )edit

In the URL use '-' between mlsid and rets in domain.
ie. ""

bwolven gravatar imagebwolven ( 2020-01-28 15:50:18 -0600 )edit

Were you able to get these working with HTTPS?

bwolven gravatar imagebwolven ( 2020-01-29 13:13:41 -0600 )edit

1 Answer

Sort by ยป oldest newest most voted

answered 2020-01-29 13:21:36 -0600

We were able to get it working through HTTPS with basic auth given the URL change. We believe that this may be the issue in getting digest auth to work with http through a proxy:

edit flag offensive delete link more
Login/Signup to Answer

Question Tools

1 follower


Asked: 2020-01-27 14:20:05 -0600

Seen: 612 times

Last updated: Jan 27 '20