Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
299
Views
0
Helpful
1
Replies

DUO proxy software is accessing a URL with a fixed IP

JasonP3
Level 1
Level 1

‎05-01-2018 08:56 AM

Our servers are configured to have all internet access blocked unless specifically whitelisted.

I recently setup DUO proxy. We already had access to our our API link whitelisted, https://■■■■■■■■■■■■■■■■■■■■■■■■■■■■ but DUO proxy wouldn’t work correctly.

When we debugged it, it appeared that DUO Proxy was also accessing ‘https://52.19.127.194’. When we whitelisted that, the proxy worked fine.

What I don’t understand is why it was using a fixed IP in a URL. The reverse DNS just points to amazon web services. I did some searching and found that at least a couple of duosecurity subdomains point to that IP. We are constantly told not to use IPs for whitelisting because IPs can change at any time and I am worried that exactly this will happen and break our DUO proxy when it does.

I suspect the DUO Proxy software is doing a domain lookup to get the IP but rather than use the domain in the web request it is making, it is inserting its own lookup request result IP into the web request it is making.

Why is it doing this? Why is it requesting https://52.19.127.194 rather than https://blah.duosecurity.com? How long before the IP changes and my whitelisting gets broken?!

Labels:
0 Helpful
1 Reply 1

mkorovesisduo
Level 4
Level 4

‎05-02-2018 06:12 AM

Hi JasonP, please contact Duo Support at support@duosecurity.com for more information on how to whitelist our service.

0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents