Are there blacklisted IP ranges for some AWS services?

retag add tags

We updated some of our infrastructure that we use to pull data from several RETS servers. Since making the change, we are getting errors that we believe are due to the IP of origin of the requests. When we use the same credentials from a local machine, they work.

GAMLS MAAR MIMLS (MI RealSource)

cduquette

asked 2020-01-27 14:20:05 -0500

edit flag offensive 0 remove flag close merge delete

Comments

Are you saying you are using AWS to do the pulls and it doesn't work?
But when you do the same pulls locally with the same RETS URLs they work?
If so, can you give me a few AWS IP addresses that I can have network check?

bwolven (2020-01-27 14:25:48 -0500) edit

Correct. They fail when our requests originate from our AWS setup and the same calls work locally when testings one off.

34.209.55.176 35.163.185.193 54.203.208.43

cduquette (2020-01-27 14:28:03 -0500) edit

Did you try using the RETS Login URL in a browser on the AWS server and see if you get the login prompt?

bwolven (2020-01-27 14:59:06 -0500) edit

Haven't tested that way; we will try. This is en existing setup of scheduled jobs and calls that worked seamlessly for all of the noted MLSs' RETS servers until yesterday afternoon when we changed to a new server with new IPs for our traffic. Local logins and pulls via browser work; and, if we use the old infrastructure, then they also work.

Is there anything to indicate that some IPs are blacklisted?

Thanks for your time and support in investigating this.

cduquette (2020-01-27 15:14:47 -0500) edit

URL: http://gamls-rets.paragonrels.com/ret...

Locally: Successful. Full expected RETS response.

From new AWS server: "401 - Unauthorized: Access is denied due to invalid credentials."

cduquette (2020-01-27 15:26:38 -0500) edit

Update: Digest Auth works locally and on our old system. Digest Auth fails with the new system. Basic Auth does work on the new system.

cduquette (2020-01-27 15:31:15 -0500) edit

Are you using HTTPS or HTTP login URLs?
Paragon RETS requires Basic with HTTPS and Digest with HTTP..

bwolven (2020-01-27 15:33:39 -0500) edit

We have been trying to use HTTP and digest auth. That is what appears not to work on new setup.

cduquette (2020-01-27 16:11:11 -0500) edit

What are you using to connect?

bwolven (2020-01-28 10:35:45 -0500) edit

We think this is an issue between the HTTP Proxy being used for our outbound traffic from this system and how paragon has implemented digest auth. We continue to investigate on our side. I will post when there is some clarity on what might be happening on our end.

cduquette (2020-01-28 11:48:17 -0500) edit

One thing we did find through trying to use HTTPS with Basic auth is that two of the MLS sites have certificates that throw errors: https://maar.rets.paragonrels.com/ret... https://mimls.rets.paragonrels.com/re... "None of the common names in the certificate match the name that was entered."

cduquette (2020-01-28 15:22:15 -0500) edit

In the URL use '-' between mlsid and rets in domain.
ie. "maar-rets.paragonrels.com"

bwolven (2020-01-28 15:50:18 -0500) edit

Were you able to get these working with HTTPS?

bwolven (2020-01-29 13:13:41 -0500) edit

add a comment see more comments

Are there blacklisted IP ranges for some AWS services?

Comments

1 Answer

Comments

Your Answer

Are there blacklisted IP ranges for some AWS services? edit

Comments

1 Answer

Comments

Your Answer

Are there blacklisted IP ranges for some AWS services?