I am not able to connect to GCM. Exception: remote-server-error(502) XMPPError connecting to gcm.googleapis.com:5235. I have got firewall exemption for one IP for 'android.googleapis.com'. able to connect, supposedly only when this IP is in use by GCM. Please help me with this. Do I need to get firewall exemption for a set of IPs that google uses? if yes, what are those IPs?
android.googleapis.com is a generic url for most apis for android.
Doesn't have any IP range defined.
You should do domain whitelisting in your firewall for Android push notification to work.
Related
I'm Park Sungmin of Bizpring.
We are trying to set up a firewall to use the Google sdk (gsutil, bq) command on the internal server.
I'm trying to set up a firewall based on the domain, which port should I open for which domain?
Please check.
Thank you.
Google APIs operate on HTTPS, so you need to be able to make outbound port 443 connections.
I have 3 sites hosting on a server with same ip. I am using cloudflare but some sites are able to find the server IP using "direct connect IP" Is there a way to disable it ?
Sounds like a P2P or gaming app on your server is broadcasting your IP. See if it can be configured to broadcast your FQDN instead.
Android.googleapis.com-
We send notification to the device when a content is pushed in the system, this is the google server which is responsible for sending the notification to the corresponding devices, Our both Sync Server and web portal send notifications to device using the GCM Server.
firewall at my organization is blocking the "android.googleapis.com". I need IP addresses for this URL so, that it can be allowed from firewall.
Pl. help
Run a cmd, then ping android.googleapis.com you can see in the answer IP of the URL.
Instead of getting the IPs only once, it's better to have a local DNS server and then record the IPs corresponding to the domains that you want to be allowed.
If you use Linux as the router & DNS server, dnsmasq allows adding IPs for specified domains into ipset. Then you configure the firewall to allow that ipset.
The ipset entries can be configured to expire after some duration.
I've set up an Ubuntu Web Server to host a game that uses port 25565.
I've set the router to port forward that port to the web server and gave the web server a static local IP. I've done this before using my own PC as the server.
When I try accessing the web server on that port using it's local IP I have no problem at all.
But, when I try accessing it from outside the network, I can't connect.
I've opened my router's list of DHCP clients and the web server is only listed there sometimes without a pattern I've been able to see.
Why I think the error is at my router:
I've installed Wireshark on the server to see if Apache was somehow blocking the web packets upon arrival. I tried opening all ports and I tried opening port 10000 which webmin uses (I'm able to connect to it locally). Neither has been successful.
Although I'm not experienced in the field, I don't think the packets get to Apache.
Please assist. Thank you!
Does your router hold the external IP address, or an internal one?
If it holds a private IP like 192.168.x.x, 10.x.x.x, or 172.16.x.x, then you would need to setup port forwarding on whatever device your router is connected to.
I've managed to fix it by changing the web interface of the port forwarding from atm1.1 to ppp1.1. It was just luck, as I understood it's web protocols but I don't know why it worked.
Thanks everyone for the help!
I am able to connect it if the two devices are in the same network but for example, if I use 4G on my android and turn of the wifi and try to connect to http://computer-ip-address then it just hangs and eventually errors out saying count not connect. The apache server is hosted in my local mac, and I've disabled my firewall temporarily. Any ideas on how to get a device using a different network to connect to my apache server on my local network?
You will need to configure your router so that it will forward port 80 from external to your mac.
Then, you can open http://your-public-Internet-ip on your mobile phone, effectively visiting your local web server.
If you don't like to remember your ip address, especially if you are on the go, the answer is dyndns or any free alternative, e.g. http://www.no-ip.com/services/managed_dns/free_dynamic_dns.html.
Using such a service, you will be able to enter http://yourname.service.com into your mobile phone. You will either have to configure your router to always tell this service your current IP (check your router for supported services) or run a tiny program on your mac which will handle this.
You need to enable port forwarding on your router to forward TCP 80 (and possibly TCP 443 if you are using SSL) to your web servers IP address.
Once done, you should be able to access your site via your routers public IP address.
Take note that of your web server is using a dynamic address provided by DHCP, your IP may change and this would stop it from working. I suggest you give your web server a static IP address to stop this.
You will probably have a dynamic IP on your router as well, so you can request a static one from your ISP or you can sign up for a dynamic DNS service.
If you post the model of your router, we may be able to give you more specific instruction on setting up port forwarding.
i hope your httpd.conf is set with port listening to
Listen 80
also, you can only access your site from your LAN otherwise, your server would need to be reachable from a public IP address, not a private one over an internet 4g connection, that means a diferent network
bonus points, if you try to reach your server from an external address, did you configure portforwarding on your router ?
If you could immediately and immediately connect to your localhost using your 4G network, then most likely anyone on the internet could do the same. It is important to understand that there are two components to the answer to your question:
Securing HTTP access (port 80 or whichever) from the internet. You probably don't want to open a wide door to your local network.
Configuring addressing from your client (in this case your phone) to your local computer (in this case your Mac). If the latter does not have a public IP address, then you will have to configure your client to hit your router instead, and to configure your router to forward accordingly.
Given that this is mostly system configuration work, I'm guessing that Serverfault would be a better place to find a satisfying answer.