Requests are getting blocked with “network_not_allowed” in WSS.
Article ID: 240239
Updated On:
Products
Cloud Secure Web Gateway - Cloud SWG
Issue/Introduction
Requests to specific websites are getting blocked by WSS with the following exception page;
Cause
By default WSS block the requests to certain IP ranges which are non routable addresses.
Resolution
Request's sent to the following IP segments would be blocked by WSS. There is no way to override this block, to access any of these destinations the IP\domain has to be bypassed from WSS.
| Address block | Address range | Description |
| 0.0.0.0/8 | 0.0.0.0–0.255.255.255 | Current network. |
| 10.0.0.0/8 | 10.0.0.0–10.255.255.255 | Used for local communications within a private network. |
| 100.64.0.0/10 | 100.64.0.0–100.127.255.255 | Shared address space[5] for communications between a service provider and its subscribers when using a carrier-grade NAT. |
| 127.0.0.0/8 | 127.0.0.0–127.255.255.255 | Used for loopback addresses to the local host. |
| 169.254.0.0/16 | 169.254.0.0–169.254.255.255 | Used for link-local addresses between two hosts on a single link when no IP address is otherwise specified, such as would have normally been retrieved from a DHCP server. |
| 172.16.0.0/12 | 172.16.0.0–172.31.255.255 | Used for local communications within a private network. |
| 192.0.0.0/24 | 192.0.0.0–192.0.0.255 | IETF Protocol Assignments. |
| 192.0.2.0/24 | 192.0.2.0–192.0.2.255 | Assigned as TEST-NET-1, documentation and examples. |
| 192.88.99.0/24 | 192.88.99.0–192.88.99.255 | Reserved. Formerly used for IPv6 to IPv4 relay. |
| 192.168.0.0/16 | 192.168.0.0–192.168.255.255 | Used for local communications within a private network. |
| 198.18.0.0/15 | 198.18.0.0–198.19.255.255 | Used for benchmark testing of inter-network communications between two separate subnets. |
| 198.51.100.0/24 | 198.51.100.0–198.51.100.255 | Assigned as TEST-NET-2, documentation and examples. |
| 203.0.113.0/24 | 203.0.113.0–203.0.113.255 | Assigned as TEST-NET-3, documentation and examples. |
| 224.0.0.0/4 | 224.0.0.0–239.255.255.255 | In use for IP multicast. (Former Class D network.) |
| 240.0.0.0/4 | 240.0.0.0–255.255.255.254 | Reserved for future use. (Former Class E network.) |
Attachments
Feedback
Yes
No
Powered by
