Incorrect 403 Error

Google AI Studio
1

For some strange reason, despite changing models (gemini-1.5-pro vs gemini-2.0-flash-exp), changing the safety levels (block_none to block_most), and updating the API key, there is one server of mine where the API key does not work. The same configuration, code, and API key work locally and on other servers. Non-Gemini APIs also work.

Maybe the previous tenant of the server I’m using did some misdeeds, so the IP is in some blocklist? I’m not too sure.

This is the response I get:

<html lang=en>
  <meta charset=utf-8>
  <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
  <title>Error 403 (Forbidden)!!1</title>
  <style>
    *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) 0}}@media only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px}
  </style>
  <a href=//www.google.com/><span id=logo aria-label=Google></span></a>
  <p><b>403.</b> <ins>That’s an error.</ins>
  <p>Your client does not have permission to get URL <code>/v1beta/models/gemini-2.0-flash-exp:streamGenerateContent</code> from this server.  <ins>That’s all we know.</ins>
Backtrace
2

Ok, update: the server’s IP address is indeed blocked.

it blocks this IP pattern: a.bbb.cc.****

and only got fixed when i got provisioned a server with this IP pattern: a.bbb.dd.****

It would be nice though if the API made it more explicit that it was an IP block, and not a generic permissions error. Would’ve saved me a day or 2 from testing out various possible reasons why it failed.