Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
251
Views
1
Helpful
2
Replies

Umbrella causing users to use IP with bad reputation

anfare
Level 1
Level 1

‎04-29-2025 05:14 PM

A few days ago I started getting complaints from users that they were having problems getting into American Express website. The homepage would load, or partially load and the login page would only ever partially load. Upon getting access to a users machine, I was able to see the requests that were failing in the dev console. All of the failing requests were for assets like javascript, css, images, etc. and were to an Akamai domain.  

As a last resort, I tried reaching out to Akamai to see what was going on. They responded that the ip address that was being observed (155.190.7.19). It looks like from checking a couple of ip reputation websites that this IP is detected as a proxy which might hurt reputation. 

Is there a way to get Umbrella to not change the users IP address for certain domains? I tried adding both the Amex site as well as edgesuite Akamai domain to the Umbrella policy destination whitelists as well as the destination whitelists and domain management > external domains but despite that, the websites were still not loading. 

Labels:
0 Helpful
2 Replies 2

adamwin
Cisco Employee
Cisco Employee

‎04-29-2025 06:00 PM

We recommend putting impacted domains on the External or Internal Domains list - for roaming client deployments this will cause these domains to go straight to internet. For IPsec tunnel deployments you can configure tunnel exclusions on the router or firewall (whichever is used to setup the IPsec tunnel). 

If the issue is widespread please open a support ticket. 

anfare
Level 1
Level 1
In response to adamwin

‎04-30-2025 04:22 PM

Thanks for the reply.

As mentioned, I did add the domains to the External domains list yet the problem persisted. We aren't using any IPSec tunnels, just SD-Wan and AnyConnect. Is there something that should be done in Umbrella admin too?

Unfortunately we migrated to Meraki by signing up with ATT for their Sd-Wan offering so I don't have full admin access to the Meraki interface and I don't think I can open support tickets with you guys directly. Their support has been atrocious as well so I have little hope that they would be of any help.  

0 Helpful
Customers Also Viewed These Support Documents