We have a REST API which is working with Azure CosmosDB. This Azure CosmosDB account has enabled firewall, which allowing traffic from xxx.xxx.xxx.xxx IP address(which is our OpenVPN server).
On client/developer's side we have OpenVPN client which is pushing route to xxx.xxx.xxx.xxx CosmosDB via VPN interface. When we build and run this REST API app in Visual Studio via IIS Express, the app is ignoring network route to CosmosDB and even ignoring changes in ..\system32\drivers\etc\hosts file(we have internal VNET ip conigured on that CosmosDB account).
Response status code does not indicate success: Forbidden (403); Substatus: 0; ActivityId: $someActivityId; Reason: (Message: {"Errors":["Request originated from IP yyy.yyy.yyy.yyy through public internet. This is blocked by your Cosmos DB account firewall settings. More info: https://aka.ms/cosmosdb-tsg-forbidden"]}
But if we run same app in IIS Server(in our case its a IIS 10) network route and hosts file change also working fine. Also network routing works when we using Microsoft Azure Storage Explorer or powershell az module. It's not working only when the app is hosted by IIS Express.
Its only working via VPN, if VPN is set as default gateway. In our case we don't want to use VPN as gateway for all traffic.
Does IIS Express has any restrictions which may cause this? Is there any workaround?
Related
I have hosted Flask Web application on Windows Server on AWS, I have done followings
hosted it on IIS and add new bindings(port 8090) to web site
Created inbound rule for the port(8090) given in bindings
And it works fine on the server, but when i'm trying to access it on my PC's web browser says
it cannot reach took too long to respond
What else i need to do ?
In your vm, different provider has their security policy. For aws even you have set inbound port rule, it will not work. You also need to set inbound rules in their potal.
👉(1) Open Windows firewall, Create an Inbound Port Rule.
👉(2) Directly in Amazon Web Service console, exactly in security groups/inbound.
I have the following setup in my DEV environment which is running on Windows 10 (which should be irrelevant).
Homestead with Virtual box to develop my Laravel applications
on my local OS I have a IBM Domino server running as dev1.mydomain.local
I'm trying to access the REST API on the Domino server from my Laravel installations. At the moment I'm getting 404 errors when trying because the domino server is not available from within the VirtualBox of Homestead.
Here is the network configuration of the homestead virtual box
Both webservers Domino and nginx on the virtual box are running on standard ports
Here is the ifconfig output of the virtual box
How can I make that possible?
UPDATE:
It just came to me that I am able to access the Domino server with LDAP, so perhaps changing the http and https port of the Domino server is already the answer...
I will test that and then get back here...
Changing the Port of the Domino server to 8080 enable me to access the server's REST API
dev1.mydomain.local:8080/api/data/
The connection to the local machine seems to be enable through the VirtualBox's second network adapter and the my call to the REST API got confused with the 2 web servers listening to the same port on localhost(127.0.0.1)
Update
although I was kind of able to connect to the server using the address above, still left me with the problem that authentication wasn't possible. In order to do so (and I have not the slightest idea why), I had to change to the local IP address of my PC to access the REST services
http://192.168.0.155:8080/api/data
If someone could explain that I would be happy :-)
Actually the question is kind of duplication of the following one Unable to access a locally hosted wcf service over the internet but with only difference that the service is hosted by a windows service on Azure Virtual Machine.
I can access the service on the machine and I have added an endpoint to the service port at Azure Configuration console, but still cannot access the service over the Internet.
The error message that is not possible to set up connection.
Is my scenario technical possible on azure? if yes - what is done wrong?
The answer to my question was pretty straightforward. Although I opened my endpoint in Azure Management Console the port was blocked by the virtual machine firewall (windows firewall). After setting in- and out- tcp port rule, the problem had gone.
I installed Mule Community Server on AWS cloud and it is functioning properly. When I use http end point and invoke Mule services from browser on my Amazon EC2 machine they work. When I access them from outside, the request timeout. The end points are not bound to local host but mapped to 0.0.0.0:8081. I have checked all firewall settings using amaozon security group and set permission for all. Yet it doesnt work. I am able to access the Windows IIS http server on the same machine but not mule on port 8081. Any clues would help.
Hope this doesn't sound rude, but did you disable the windows firewall, or allow 8081 through the windows firewall?
I am now in the process of transferring my servers to windows azure. I created a virtual machine (2008 R2) and installed IIS 7.5. I then transferred one of the site (DNN) and configured it to with it's own apppool (4.0) and granted permission for this app pool to read and write.
I have two domains: one internal, which I defined in the HOST file, and one public (mydomain.com). The internal domain works fine however with the external domain I'm getting:
500 - Internal server error. There is a problem with the resource you
are looking for, and it cannot be displayed.
Perhaps, you haven't set up endpoints for the server on the portal to allow HTTP traffic? In other words, did you open up port 80 on the Azure portal for this VM?
Check out how to do that here - https://www.windowsazure.com/en-us/manage/windows/how-to-guides/setup-endpoints/