I have set up Balance 380 with 3 ISPs and with SpeedFusion Cloud and SpeedFusion Connect Protect. I am using a fixed cloud location United Kingdom, London (LON) and want to keep using a fixed location in order to not appear as changing my IP Geolocation which can cause problems with web sites.
The problem I am having is that it seems that the web traffic is proxied and the proxy location is in the US.
I am blocked from at least one web site with the attached message - which seems to indicate that whilst my IP is in UK, the web traffic is proxied via US.
If I connect to a VPN (using ExpressVPN), that seems to solve the problem. However, I don’t want to connect to VPN at all times.
The proxy address is shown as 45.60.78.195
Question: Why is the traffic proxied via US - Where is it configured that this proxy should be used? Can I configure a different proxy (on whole network level, not just on my PC)? And where to do that?
I guess a simple solution could be for me to switch the SFC connection to US intead of UK, but I don’t really want to do that. How to change the proxy?
ask google or use one of the common services “what is my IP”.
I suspect it will come back with the 159.65.54.209 IP which is where you are existing the SF cloud.
the second Proxy IP is an edge node of imperva.com and they use as part of their application nginix or some other proxy layer for internal routing… This proxy layer, has a security component that doesn’t like the DigitalOcean IP space you are coming from. This is often done to stop bot-nets and other datacenter centric traffic. So that US IP address is part of the website provider’s systems.
To access these sort of websites you will have to exempt the traffic from the SF tunnel and have it come from what looks like regular consumer IP space.
I set up a Peplink FusionHub running on AWS London cluster and a SpeedFusion VPN connection between the Balance 380 and the FusionHub, and reconfigured Outbound Policy to use the PepVPN connection for all traffic.
→ this resolved my initially perceived problem, now if I check with https://www.whatismyip.com/proxy-check/ it is showing that the country is GB and my IP address is my private AWS IP address which is located in GB/UK as well. (previously, it was showing US as proxy country, but I think probably https://www.whatismyip.com/proxy-check/ just falsely identifies 159.65.54.209 as a US location).
→ however, i did still get the same error message from the web site (https://ibank.gtbank.com/ibank3/alert.aspx) with just the difference that the IP had changed to my new private IP but still indicating proxy 45.60.78.195. so it did not solve the problem.
To fix the problem, I just redefined the Outbound policy for now, and added a specific rule for gtbank.com domain using persistence, so that the traffic would be routed directly from one of my 3 WANs and would not pass the VPN - and this solved the problem.
It does seem like the web server is just blocking high risk IPs. I also checked: 159.65.54.209 ( DigitalOcean, LLC ) Fraud Risk → and it is indicating “high risk”
my own AWS IP address is showing also “medium risk”… probably not good enough.
Maybe when I travel next, will try to get some basic Peplink set up at another site which is within a regular consumer network, which I guess should permanently solve the problem.
At the moment, working out of Nigeria, and it’s pretty hard here to get a decent internet connection without using multiple ISPs, so that’s why using Balance 380 in the first place… seems to work pretty well so far.
Hope you don’t mind if I butt in here . @Paul_Mossip is right (again) and your observations are also well taken. We’ve dealt with the same issues over and over. SpeedFusion Coud/Protect’s POPs are well known and are on “lists” as are addresses from AWS, Vultr, etc where you are likely to host your FusionHub.
The best solution we’ve found is to make your PepVPN or SpeedFusion connection to another very capable Peplink router which is located at a location/address which is not on such “lists.” This is the “world we live in” and is the only way we’ve found to mitigate the issues caused by the various “IP bad boy lists.” [Maybe someone else has a solution that differs …]
We’ve found financial institutions and the organizations that deliver “content” to be the most sensitive but even retailers such as Lowe’s and FedEx (in the USA) are playing the “I’m afraid” game.
We have a couple of higher-end Peplink routers out there whose sole mission is to serve PepVPN/SpeedFusion connections and ship the traffic out to the internet. Bullet-proof. :<)
Thanks - it’s all good, and I now understand the situation better as well!
For now it works OK for me, and for the few web sites that are giving trouble (it seems that Docusign is one of them, which is quite annoying for work), I have a simple workaround by using VPN from my laptop, so all good.
When I have more time, will look into the option of creating a private tunnel with another site which is located in a consumer network.
