I am trying to place AWS WAF behind a NAT gateway to block some specific users. The image below explains exactly what I want to achieve.
Asked
Active
Viewed 185 times
1 Answers
1
Does the NAT preserve client IP in XFF header? If yes, it might be possible: https://aws.amazon.com/about-aws/whats-new/2020/07/support-x-forwarded-for-header-available-aws-waf/
Otherwise, is there like session ID or unique ID you can use to block? Given that traffic coming from NAT, you won't be able to use block by source IP
KumoNoMae
- 301
- 1
- 3