I have a set up I would like to implement but just not sure on the details. As you can see in the image below I have a single VPS in the web which I would like to use as a gateway to a number of locally running web servers. Im using the VPN to hide the IP/location of the server farm while maintaining the ability to host locally.
What I am not sure on is the implementation as I have never used a VPN before. My understanding is that I can host the VPN server on the server farm, have the VPS connect to it which will give me another 'local' network interface which I can then use apache to proxy traffic through?
The server farm is basically a small Kubernetes cluster give or take a little.
Is my understanding correct and can you offer any advice on implementaion?
Thanks in advance!
server farm example image
The VPN server should have two network interfaces. The first is the public interface that connects to the Internet and the second is the local interface that connects to the server farm. All the servers in the farm should connect only to the local interface and have the gateway set as the VPN server.
You can use the Reverse Proxy functionality in Apache to route incoming traffic to the appropriate server. See Reverse Proxy Guide
Related
I currently have the following network setup and would like to be able to make WebRTC calls between the two clients in different networks.
I enabled IPv4 forwarding on the openSuse Leap 15.2 server and both devices have either 192.168.2.1 or 192.168.4.1 as their default gateway. The web application as well as the signaling service are both hosted on this server as well.
With the Firewall disabled the call works as suspected, but with the Firewall on the call no longer works. I thought about hosting a Coturn STUN/TURN server on this server, as I've read that you should provision one, if you run into troubles with a firewall.
Is a setup like this doable with lets say Coturn and what would the configuration look like for a scenario like this?
I ended up solving it as I describe in my GitHub issue for this matter.
Hi i am new to Web Services. Here is my doubt
1) If i am hosting my website then their should be a web server which should keep my website into that this also we are calling server..
2) If i want to run PHP Program in my local system i should use Local Server lie XAMPP this also we are calling server.
My doubt is for example in local system i have downloaded Xampp and i am running my server side program.. but after uploading into server how its working
also AWS, Proxy is which server???
All the servers are confusing a lot
Both web servers and local servers are just computers with software installed on them.
Not much more.
That said a web server is a computer that is connected to the internet and has some kind of a web server software installed on it.
The most common one is an HTTP server software that can serve web pages.
For example, Apache, Nginx are both HTTP servers that can serve both static and dynamic web pages to browser across the world.
Another web server can be FTP, IRC, NTP, SMTP/IMAP/POP3 (mail servers) are all web servers that just have different software installed on them and so they serve other purposes.
A local server is again a computer that serves a client within the local network or LAN.
That means that in most cases it will not be connected to the internet or if it does it will be protected with a password so not everybody can access its services.
It can act as a file server or LDAP server that are roles of a typical local server but it can also be a local web server that holds web-based application only for the local organization.
For example, a company will have a local web server with Salesforce installed on it to serve it's CRM needs.
To make a long story short both servers are just computers connected to a network. Local servers are connected to the LAN and Web Servers are connected to the WAN. Other than that it really depends on the software you install on them and the use you want to make of them.
If you need more clarification, leave a comment and I'll try to help.
The problem I have is that we're trying to use our WebApp in Microsoft Azure to connect to an external SQL-database (not our own) through a VPN. The SQL-database is only allowing connections from our local IP-addresses that we put up as a Network (for example 176.0.0.0/24).
We are now connected to the same virtual private network, and through our Azure-VM we can now connect to the SQL-Server through SQL Server Management Studio.
Now we want to do the same with a WebApp, but we're not getting through to the server. It gets "Not authenticated" before reaching the SQL-Server (probably the server isn't accepting our IP from the WebApp).
The different problems I have tried to look through is:
Do we only try to connect through our Outbound IPs?
Is the WebApp not connected to the VPN?
I have unfortunatley not found any real answers, and neither any solutions to my problem. If you have any ideas of how to solve our problem, or maybe know how I could tunnel all of the SQL-calls through the VM, the help would be very much appreciated!
Hybrid connection is one option. What you can also do is enable point-to-site in your VPN. Once you do that, you can directly integrate your web app to the vnet and your connections will work. (Go to your web app -> Settings -> Networking -> VNet Integration)
If your Vnet is V1(older way of creating VNs) then enabling point to site is very straightforward. You can do it through portal. For V2 Vnets you have to do it through powershell commands.
Here is a link for the documentation which explains both the options.
https://azure.microsoft.com/en-in/documentation/articles/web-sites-integrate-with-vnet/
There's a way to "tunnel all of the SQL-calls through the VM". You may want to use hybrid connections (cf https://azure.microsoft.com/en-us/documentation/articles/integration-hybrid-connection-overview/).
The principle is to have an agent installed on the VM that can access the database with the correct IP address.
Suppose you can access the SQL DB as mysqldbsrv from the VM. You add an hybrid connection associated to your web app, you install the agent on the VM. Then, when you connect to mysqldbsrv from the Web App, you go through the VM.
I have a WCF service, and two apps behind the Firewall, and third app connect remotely through internet. I host the service on IIS.
If I restrict the IPs to local IP, and that remote server IP using IIS, would that be sufficient? if yes, Is that a bad idea for another reason rather than security.
Given that the remote server will connect through HTTPs and credentials.
thanks
Securing using IP is a good idea only if you are sure that IPs are static and unlikely to change. For example, local IPs can easily change (typically, they get auto assigned). So, I will go via this route if what you are securing is a critical/sensitive.
Trying to figure out the best way to easily connect a bunch of client machines running WCF service to a LAMP server on a wide area network....
Currently just set up set up each client with DynDNS, and port forwarding at the router... Absolutely not the best situation for deployment.
Ideally would like to have a simple program they run which automatically connects them to the LAMP server....
Can anyone point me in the right direction?
Should I be looking at Reverse SSH, Windows Azure AppFabric ServiceBus?
This is one the scenarios that Service Bus relay was created for. With the relay, a sort of tunnel is established via ServiceBus between your WCF services and your clients, independently of where each party is deployed (as long as both have internet access, that is).
This article has a tutorial on an scenario that's very similar to what you describe:
http://www.windowsazure.com/en-us/develop/net/tutorials/hybrid-solution/
A reverse proxy would certainly be relevant here.
There are a number of ways to provide this. You mention using a LAMP stack so I'm assuming that you are using Apache as a web server.
You need a couple of optional Apache modules. Proxy and Reverse Proxy.
Typically you would assign a virtual "folder" to each actual app:
https://server/app1
https://server/app2
The reverse proxy would forward requests through to the actual, internal server/port:
https://server/app1 -> http://localhost:8000/
https://server/app2 -> http://localhost:8001/
(or whatever configuration you want)