I have created a Apache web server with dedicated IP, how can I transfer data to the web server using that web server IP address and port? How can I set up a php socket to received data through IP and save as a text file?
You're always using the IP to contact a server. If you use a url, the domain name is looked up in a DNS and you still use the IP to connect to the server.
After that, in the request, the domain name (or URL actually) is specified, and based on the existence and value of that information the server may allow or deny the request.
It's not a matter of 'not possible', it's just how you configure your server.
Related
I have published an ASP.NET core Web API on IIS. The website is hosted on a Windows Server 2019 dedicated server with a number of IP addresses. In Plesk I have set the IP address which I want the website to be bound to (let's assume is it 10.1.1.1). When I ping the domain name I see the correct IP address.
In one of the API's endpoints, there is an HTTP Request made to an external API which has access restriction to pre-defined IP addresses. If a request is made to this external API from an unknown IP it returns an error with that IP address.
Our website's IP address is set properly at the external API. However, when our API tries to connect to the external API from code it doesn't use the website's correct IP Address. It uses the first available IP address on the server. Therefore, the connection to the external API is refused.
My question is, why the HTTP Request is not made from the same IP address as the website and what can I do to make things right?
When we bind sites to IIS, you are only binding the incoming IP address. Traditionally we would want to control and sanitize all outbound requests, it there are multiple NICs configured, the outbound traffic would be routed through the NIC that is configured with the gateway, or the NIC that is on the same subnet as the target.
If your server has multiple IP addresses defined in the same NIC, the outbound IP address from IIS hosted content is selected for you. I'm not sure if it is a round robin but I can tell you it is not in any way related to the incoming IP address that your site is bound to.
Outbound traffic is NOT associated with IIS at all, outbound traffic from IIS follows the normal pathway and rules as outbound connections from all processes on your PC/server.
The general standard to avoid this issue in IIS is to use SSL and Host Header Names. That way you can host multiple sites on the same IP address, or realy you are inbound address agnostic meaning your configuration can be easily ported to other hosts without having to mess around with multiple physical or virtual IP addresses.
Following this advice from Forcing Windows Server to Use a Specific Outgoing IP Address, you can use powershell to exclude specific IP addresses from being used as the external source.
Assuming the IP address you want to be primary is 192.168.33.129.
$primaryIP = "192.168.0.4"
Set-NetIPAddress -IPAddress $primaryIP -SkipAsSource $false
Get-NetAdapter | Get-NetIPAddress | ? { $_.IPAddress -ne $primaryIP } | % {
Set-NetIPAddress -IPAddress $_.IPAddress -SkipAsSource $true
}
Now all IP addresses, except the one you are designating as "primary," will be excluded from consideration as primary. We can verify this using...
Get-NetAdapter | Get-NetIPAddress | Select-Object IPAddress,SkipAsSource
It must also be said that communications outside of your IIS host can be routed via VPNs and Firewalls, even if you manage to fix the internal IIS server outbound IP address, the external site will still register your network's external IP address, not the internal 192.168.0.4 on the NIC.
Most enterprise firewalls will have the ability to configure Source NAT (SNAT) rules or policies, sometimes referred to as Multipath Routing, that will allow you to bypass or negate any configuration on the IIS NIC as described above.
I am developing a .Net Core REST API for an Android app which is written in Dart/Flutter, both .Net Core and android app are connected to the same local network, right now I am sending requests to server by using it's IP address, however I want to make it easy for end users to use the app since they have limited knowledge of configuring stuff.
How can I link a local domain to the server or at least use server name instead of ip address for sending requests, in that case it would have saved me a lot of time and hassle with end users.
Do I need a DNS server for this and is it easy to implement this functionality?
According to your description, you should set up a DNS server in your local network. If you want to access the app by using domain, you should make sure the android app is also inside that local network.
A DNS server is a computer server that contains a database of public IP addresses and their associated hostnames, and in most cases serves to resolve, or translate, those names to IP addresses as requested.
More details about how to set up a DNS server and configure a DNS server , you could refer to below article: https://support.microsoft.com/en-us/help/814591/how-to-install-and-configure-dns-server-in-windows-server-2003
Android.googleapis.com-
We send notification to the device when a content is pushed in the system, this is the google server which is responsible for sending the notification to the corresponding devices, Our both Sync Server and web portal send notifications to device using the GCM Server.
firewall at my organization is blocking the "android.googleapis.com". I need IP addresses for this URL so, that it can be allowed from firewall.
Pl. help
Run a cmd, then ping android.googleapis.com you can see in the answer IP of the URL.
Instead of getting the IPs only once, it's better to have a local DNS server and then record the IPs corresponding to the domains that you want to be allowed.
If you use Linux as the router & DNS server, dnsmasq allows adding IPs for specified domains into ipset. Then you configure the firewall to allow that ipset.
The ipset entries can be configured to expire after some duration.
I'm setting up a tool that relays and verifies information. One of it's protocols though is to verify if the server trying to challenge a key is whitelisted.
Problem now is server 1 and 2 is in the same network. When I make server 1 connect to (somedomain.com), which is routed back to server 2. Server 2 recognizes remote address as the (local ip) not the public IP. (Even if I explicitly ask server 1 to connect using IP instead of Domain name.)
This creates problems as (Long story) but server 2 needs to recognize server 1's public IP and not Internal IP.
Would appreciate any help or tips I can get from this.
Cheers,
Jet
You can route traffic via external server using SSH or proxy.
We are trying to specify IP address instead of hostname(eg: www.abc.com) for WCF service hosted in IIS v8.0 on windows server 2012
This gives error saying special characters not allowed. Is this not allowed?
But it works fine when we specify IP address as host name in our local systems which runs IIS v7.5.
A hostname is not an IP address, therefore you can't specify it in the site bindings as a host name.
If you are trying to access a service on your local IIS machine, simply having the site binding present is enough, but you may want to bind it to a specific IP address (the IP address dropdown), or if you leave it as "All Unassigned" then the application will be available on all IPs registered with the server, on your chosen port.
If you are trying to access an app on another machine from yours, you can either get a DNS value added by your network admin, or change your HOSTS file (C:\windows\system32\drivers\etc\HOSTS) and add in your own alias:
54.XXX.XXX.XXX myalias
Which means you should then be able to access http://myalias:8092/ from your browser.
Update The validation message is apparently by design:
http://blogs.msdn.com/b/dasane/archive/2013/10/16/adding-ip-address-like-host-head-in-iis-8-shows-ui-validation-error-this-worked-fine-in-iis-7-5-and-earlier.aspx
Reading that article, I can now understand why you may want to use an IP address as a host-header, as it effectively allows you to route external IP address calls to your local machine without requirement of DNS changes. For what you need though, if the IP address is bound to an NIC on your local machine, just leave it blank as it will resolve locally anyway.
Check what you provided in Hosts file (C:\Windows\system32\drivers\etc folder) in your local machine
For the above case you need to provide the hostname not ip address