Block Connections from Consumer VPN networks at gateway


We have a web server behind an AWS Load Balancer. We’d like to block any host from accessing our web server if they are connecting from a Consumer VPN style network. We’ll also be doing some geo-location blocking too which we can do with AWS WAF.

For blocking Consumer VPN networks, does anyone know the easiest/fastest way to obtain a listing of CIDR blocks registered to Consumer VPN companies? I have a list of IPs that I can do a WHOIS on and find the registered block, but that wouldn’t give me all of the networks out there. I’d have to do quite a bit of WHOIS searching and guessing to build it manually. If there’s a resource out there that could help me with this endeavor that’d be great.