Connect to CloudFront through WAF using Twingate

I followed these 2 manuals:
Create the exit node: AWS Exit Nodes | Docs

And then AWS CloudFront:

But the WAF is still blocking my connection attempts.

I also tried to create a connector (using the Docker deployment method) and it’s connected, but I still get a 403 from the WAF.


  1. Created an EC2 (in a public subnet).
  2. Created a connector (using the Docker deployment method).
  3. Created the resource (with the correct DNS name).
  4. Created an IP set (with the EC2’s CIDR).
  5. Created a web ACL (with the IP set I created in step 3).
  6. Connected the web ACL to CloudFront.

I try to connect - Access denied.
Any help would be great.