Trouble accessing Cloudflare domains from certain subnet

Hello Cloudflare team,

My name is Mhamad, and I'm the head of the networking department at an ISP in Lebanon.

I'm having a major issue where I can't access any domain that uses Cloudflare's DNS, specifically the addresses 188.114.97.6 and 188.114.96.6. I've tried everything on our end:

Running pings and traceroutes
Clearing our cache
Changing routes and DNS settings

The strange part is that some ISPs in Lebanon can connect just fine, while others, including mine, can't access anything. This is a big problem for our customers.

Could you please look into this on your end? Any help would be greatly appreciated.

Thanks,
Mhamad

Ttrax Hello Cloudflare team, My name is Mhamad, and I'm the head of the networking de...

DarkDeviL•9/1/25, 3:56 PM

Can you elaborate on where exactly you're seeing these issues?

What ISP / provider, preferably their AS number?
The AS number can be found here:
https://1.1.1.1/help
-> AS Number
https://bgp.tools/
-> The AS number shown under "You are connecting from" like this: "Cloudflare, Inc. (AS13335)"
<https://bgp.he.net/>-> The AS number shown like this: "**Your ISP is AS13335 (Cloudflare, Inc.)**"
Can you share the ping/traceroute results you're referring to?
Can you share the ping/traceroute to surrounding IP addresses, according to your explanation, such as e.g. 188.114.96.5188.114.96.5, 188.114.96.7188.114.96.7, 188.114.97.5188.114.97.5 and 188.114.97.7188.114.97.7?

traxOP•9/1/25, 4:02 PM

thats our as number AS210292
1 <1 ms <1 ms <1 ms 192.168.10.1
2 1 ms 1 ms 1 ms 172.16.14.1
3 1 ms 1 ms 1 ms 10.10.12.5
4 1 ms 2 ms 3 ms 10.10.12.1
5 1 ms 1 ms 1 ms 10.5.10.1
6 2 ms 14 ms 1 ms 172.16.80.177
7 * * * Request timed out.
8 6 ms 5 ms 2 ms 172.16.49.1
9 40 ms 41 ms 45 ms 213.242.116.233
10 40 ms 88 ms 57 ms 213.19.217.10
11 * 49 ms 39 ms 162.158.20.40
12 39 ms 39 ms 39 ms 188.114.97.6

thats the other ip

1 <1 ms <1 ms <1 ms 192.168.10.1
2 3 ms 1 ms 1 ms 172.16.14.1
3 1 ms 1 ms 1 ms 10.10.12.5
4 1 ms 1 ms 1 ms 10.10.12.1
5 1 ms 1 ms 1 ms 10.5.10.1
6 2 ms 1 ms 2 ms 10.148.189.1
7 * * * Request timed out.
8 2 ms 3 ms 3 ms 172.16.40.2
9 2 ms 2 ms 4 ms 172.16.80.45
10 * * * Request timed out.
11 5 ms 3 ms 3 ms 172.16.48.1
12 40 ms 38 ms 40 ms ae81.edge4.Marseille1.Level3.net [212.73.201.45]
13 40 ms 54 ms 43 ms 213.19.217.10
14 38 ms 38 ms 38 ms 162.158.20.46
15 38 ms 38 ms 38 ms 188.114.96.7

DarkDeviL•9/1/25, 4:07 PM

Seems like it's going through from AS210292 just fine, ... to both 188.114.97.6188.114.97.6 and 188.114.96.7188.114.96.7?

DarkDeviL•9/1/25, 4:07 PM

AS210292 isn't one of the problematic ISP(s)?

DarkDeviL•9/1/25, 4:08 PM

Is AS210292 one of the problematic ISP(s)?

traxOP•9/1/25, 4:08 PM

im the ISP

traxOP•9/1/25, 4:08 PM

yes

traxOP•9/1/25, 4:08 PM

when i load a site i get nothing at all

traxOP•9/1/25, 4:09 PM

after a while i get this ERR_CONNECTION_TIMED_OUT

traxOP•9/1/25, 4:09 PM

also in browser Dev mode nothing is showing in network or console

traxOP•9/1/25, 4:12 PM

example of website:
https://www.tacticalreport.com/
https://mikrowizard.com/

Tactical Report

Strategic Insights, Comprehensive Analysis and Expert Commentary | ...

Get ahead with Tactical Report's in-depth analysis & expert insights on MENA defense, geopolitics and strategic intelligence for informed decisions.

MikroWizard | Mikrotik management solutionadmin

Home page

Streamline your network management tasks with MikroWizard, the ultimate MikroTik router management solution. Empower your network administrators with a powerful user-friendly tool to optimize performance and efficiency. Explore MikroWizard now!

DarkDeviL•9/1/25, 4:12 PM

Do you see a Cloudflare Error 1003 - Direct IP access not allowedError 1003 - Direct IP access not allowedwhile loading any of these?

If it's mixed yes or no, - which ones are giving Error 1003Error 1003, and which ones aren't?

traxOP•9/1/25, 4:13 PM

just a sec

traxOP•9/1/25, 4:13 PM

im getting 1003 error on all of them except 2

traxOP•9/1/25, 4:13 PM

188.114.97.7

traxOP•9/1/25, 4:14 PM

http://188.114.96.7/

DarkDeviL•9/1/25, 4:15 PM

So the two ones ending with .7.7 are just loading and ending with timeout?

DarkDeviL•9/1/25, 4:16 PM

#4 and #6 from my list?

DarkDeviL•9/1/25, 4:16 PM

The others are all giving Error 1003Error 1003?

traxOP•9/1/25, 4:17 PM

yup

Ttrax im the ISP

DarkDeviL•9/1/25, 4:19 PM

^ As you're saying you're the ISP here, it may be a bit strange to refer you to the ISP (i.e. to yourself)...

traxOP•9/1/25, 4:19 PM

lol yes

DarkDeviL•9/1/25, 4:19 PM

However, these things happens exactly like this with ISP / government censorships, where ISPs are restricting access to specific IP addresses.

traxOP•9/1/25, 4:19 PM

ive even tried connecting directly from my edge router it didnt work

DarkDeviL•9/1/25, 4:19 PM

It's exactly what is happening here too...

DarkDeviL•9/1/25, 4:21 PM

So if there isn't anything with government censorship within your own network, then you will have to work it out with your upstream / transit carriers.

traxOP•9/1/25, 4:21 PM

yes no government censorship

traxOP•9/1/25, 4:21 PM

hmmmm

traxOP•9/1/25, 4:22 PM

the thing is i can reach the ip via icmp but the page is not loading, i do not think its a transit/upstream issue

DarkDeviL•9/1/25, 4:23 PM

ICMP and HTTP(S) are two different traffic types, one of them being filtered doesn't mean that the other one is as well.

traxOP•9/1/25, 4:24 PM

Thats true

traxOP•9/1/25, 4:26 PM

But tbh our government they do not care about anything and dont block anything

traxOP•9/1/25, 4:26 PM

They notify the ISP to block certain services

traxOP•9/1/25, 4:26 PM

Thats weird I know but thats how its done here

traxOP•9/1/25, 4:27 PM

The upstream is OGERO the official one for the country

DarkDeviL•9/1/25, 4:30 PM

As you can reach the surrounding Cloudflare IP addresses, ... then the issue isn't on Cloudflare's side.

traxOP•9/1/25, 5:08 PM

So im not blocked on any firewall of urs, right ?

Ttrax So im not blocked on any firewall of urs, right ?

DarkDeviL•9/1/25, 8:52 PM

Cloudflare is not blocking you.

traxOP•9/1/25, 8:52 PM

Thank you sir

DarkDeviL•9/1/25, 8:53 PM

You're welcome.

DarkDeviL•9/1/25, 8:54 PM

And if a specific website owner decided to block you (or your network) from accessing their website, you would see something like what you see on this page: https://cloudflare.com/cdn-cgi/error/1020

traxOP•9/2/25, 1:26 PM

id like to give you an update it was a transit issue from Liban Telecom
Thank you so much sir

traxOP•9/2/25, 1:26 PM

also do you have any idea which ISPs in Lebanon that have a cloudflare CDN so i can peer with their IX ?

Ttrax id like to give you an update it was a transit issue from Liban Telecom Thank yo...

DarkDeviL•9/3/25, 10:06 PM

You're welcome, and thanks to you for returning with an update!

Ttrax also do you have any idea which ISPs in Lebanon that have a cloudflare CDN so i ...

DarkDeviL•9/3/25, 10:10 PM

According to PeeringDB, more notably on the specific page for Cloudflare's primary AS number, 13335, Cloudflare should be available in Berytech Technological Pole, as well as being present on the LebIX internet exchange, which was formerly known as Beirut-IX.

traxOP•9/4/25, 8:32 PM

Thank you

Trouble accessing Cloudflare domains from certain subnet

Similar Threads

Similar Threads

Similar Threads