Managing IPs in WAF - AWS

Whitelisting IPs that are outside the U.S. Removing Blacklisted from MAC Address Admin 403 Error

  1. Make sure the IP our client has from their ISP is a static IP address
      1. They will need to contact their ISP to find this out
      2. You can have them Google "whatsmyip" or go to
  2. If they won't pay for a static IP address they will need to look into using a VPN so they will appear to have a US IP.
      1. They will need to contact their IT
      2. If they don't have IT they will have to do research on how to create a VPN themselves
  3. Log into AWS [If you don't have an account seek Tier 2]
      1. In the Search bar type WAF
      2. Select the 2nd option AWS Firewall Manager
      3. Select AWS WAF
      4. Go to IP sets
      5. Select US West (Oregon) in Regions
      6. Select whitelisted-IPs
      7. Add the Static IP to the Whitelist
  4. If the client will not purchase a static address and will not create a VPN connection, but insists that we do something on our side:
      1. Reach out to Tier 2 to whitelist a block of IP addresses as a last resort
      2. If Tier 2 can't, or needs help, reach out to Mike via Slack
  5. Current ACL rules, to help understand whitelisting:
      1. block-blacklisted-IPs; these are IPs that have attempted to brute-force their way into our Admin site
      2. allow-whitelisted-IPs; Priority 1, so it takes precedence over the foreign traffic rule and allows the connection without being blocked
      3. restrict-foreign-traffic; blocks all foreign traffic that is not US-based
  6. If the device cannot be found
      1. Add the device MAC to the graveyard PBX
      2. Remove the blacklist
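
A scripted form of the last sub-step of step 3, added here as an example and not part of the original procedure: it checks the address the client reported before it goes into whitelisted-IPs, and sends the full merged list because an IP set update replaces every address in the set. Assumptions: the IP set is IPv4 and REGIONAL in scope, boto3 is available with credentials, and `ip_set_id` is a value you look up yourself; the function names are hypothetical.

```python
import ipaddress

REGION = "us-west-2"             # US West (Oregon), as in step 3
IP_SET_NAME = "whitelisted-IPs"  # IP set name from step 3
SCOPE = "REGIONAL"               # assumption: regional web ACL, not CloudFront

# Ranges a client may report by mistake that never reach WAF as a source IP.
NOT_PUBLIC = [ipaddress.IPv4Network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 private
    "100.64.0.0/10",                                  # carrier-grade NAT
    "127.0.0.0/8", "169.254.0.0/16",                  # loopback, link-local
)]


def to_waf_cidr(raw, allow_block=False):
    """Return raw in CIDR form (IP sets store CIDRs) or raise ValueError."""
    net = ipaddress.IPv4Network(raw.strip(), strict=False)
    if any(net.overlaps(bad) for bad in NOT_PUBLIC):
        raise ValueError(f"{raw!r} is not a public address")
    if net.num_addresses > 1 and not allow_block:
        # Step 4: a block is a last resort, so it needs an explicit opt-in.
        raise ValueError(f"{raw!r} is a block of {net.num_addresses} addresses")
    return str(net)


def merged_addresses(current, new_entry, allow_block=False):
    """Full list to submit: an IP set update replaces every address in the set."""
    cidr = to_waf_cidr(new_entry, allow_block)
    return list(current) if cidr in current else list(current) + [cidr]


def add_to_whitelist(ip_set_id, new_entry, allow_block=False):
    """Read the set, append the validated entry, write the whole list back."""
    import boto3  # imported here so the helpers above run without AWS access
    waf = boto3.client("wafv2", region_name=REGION)
    got = waf.get_ip_set(Name=IP_SET_NAME, Scope=SCOPE, Id=ip_set_id)
    ipset = got["IPSet"]
    addresses = merged_addresses(ipset["Addresses"], new_entry, allow_block)
    extra = {"Description": ipset["Description"]} if ipset.get("Description") else {}
    # LockToken makes the write fail if the set changed since it was read.
    waf.update_ip_set(Name=IP_SET_NAME, Scope=SCOPE, Id=ip_set_id,
                      Addresses=addresses, LockToken=got["LockToken"], **extra)
    return addresses


if __name__ == "__main__":
    existing = ["198.51.100.4/32"]  # constructed sample, documentation range
    print(merged_addresses(existing, "203.0.113.7"))
```

Pass `allow_block=True` only for the Tier 2 last-resort case in step 4.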