Our company computers have very limited access to the Internet. When an application needs a connection to the Internet, we usually allow the IP addresses that the application needs to connect to through the firewall.
Now I am trying to connect this particular application to their cloud service and added three IPs which I know it uses to pass through the firewall, but the application is still having issues connecting to the cloud. With unrestricted internet it connects without any issues.
Is there any way of finding the list of IPs this particular application uses through Microsoft Network Monitor or any other monitoring application? If so, could you please let me know how to do it?
Install Wireshark on the same computer where the application runs, then perform a capture while the application is trying to connect. By analyzing the capture with Wireshark you could be able to see all the connection attempts.
Used Microsoft Network Monitor. Works really well: once you start the process on there and start the application, the left-hand panel will show up with traffic on the apps that are connecting to the internet.
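As an added example (not part of the original posts), the capture suggested above can be reduced to a firewall allowlist worksheet: every destination the application sent a TCP SYN to, and whether a SYN-ACK ever came back. It assumes the capture was exported with tshark as tab-separated fields; the local address, the file name in the comment and all sample rows are constructed.

```python
import csv
import io

# Constructed sample of the output of:
#   tshark -r app.pcapng -Y "tcp.flags.syn==1" -T fields \
#     -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport -e tcp.flags.ack
# Addresses are documentation ranges, not real service endpoints.
SAMPLE = """\
10.0.0.5\t203.0.113.10\t50001\t443\t0
203.0.113.10\t10.0.0.5\t443\t50001\t1
10.0.0.5\t203.0.113.20\t50002\t443\t0
10.0.0.5\t203.0.113.20\t50002\t443\t0
10.0.0.5\t198.51.100.7\t50003\t8883\t0
198.51.100.7\t10.0.0.5\t8883\t50003\t1
"""


def summarize(fields_text, local_ip):
    """Map each (remote ip, remote port) the host tried to 'answered' or 'no reply'."""
    attempted = set()   # destinations of outbound SYNs (retransmits collapse)
    answered = set()    # remote endpoints that returned a SYN-ACK
    for row in csv.reader(io.StringIO(fields_text), delimiter="\t"):
        if len(row) != 5:
            continue  # skip blank or non-IPv4/TCP rows
        src, dst, sport, dport, ack = row
        # Newer tshark prints booleans as True/False, older as 1/0.
        is_ack = ack.strip().lower() in ("1", "true")
        if src == local_ip and not is_ack:
            attempted.add((dst, int(dport)))
        elif dst == local_ip and is_ack:
            answered.add((src, int(sport)))
    return {ep: ("answered" if ep in answered else "no reply")
            for ep in sorted(attempted)}


if __name__ == "__main__":
    for (ip, port), state in summarize(SAMPLE, "10.0.0.5").items():
        print(f"{ip}:{port}\t{state}")
```

Destinations marked "no reply" while the firewall is restricted are the candidates missing from the allow rules; running the same capture with unrestricted access shows the full set the application uses.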
Related
Followed this tutorial to set up two EC2 instances: 12. Creation of two EC2 instances and how to establish ping communication - YouTube
The only difference is I used a Linux image.
I set up a simple Python HTTP server on a machine (on port 8000). But I cannot access this from my other machine; whenever I curl, the program kind of waits. (It might eventually time out, but I wasn't patient enough to witness that.)
However, the workaround, I figured, was that you have to add a port rule via the security group. I do not like this option since it means that that port (for the machine that hosts the web server) can be accessed via the internet.
I was looking for an experience similar to what people usually have at home with their routers; machines connected to the same home router can reach out to other machines on any port (provided the destination machine has some service hosted on that port).
What is the solution to achieve something like this when working with EC2?
The instance is open to the internet because you are allowing access from '0.0.0.0/0' (anywhere) in the inbound rule of the security group.
If you want the communication to be allowed only between the instances and not from the public internet, you can achieve that by assigning the same security group to both instances and modifying the inbound rule in the security group to allow all traffic or ICMP traffic sourced from the security group itself.
You can read more about it here:
AWS Reference
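An added example (not from the original answer) of the check and the fix described above: it scans a security group description for inbound rules open to anywhere and builds the equivalent rule sourced from the security group itself. The input is a constructed excerpt shaped like an EC2 DescribeSecurityGroups response; the group id is a placeholder.

```python
from ipaddress import ip_network

# Constructed excerpt in the shape of a DescribeSecurityGroups response.
SAMPLE = {"SecurityGroups": [{
    "GroupId": "sg-0123456789abcdef0",  # placeholder id
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "198.51.100.0/24"}],
         "Ipv6Ranges": [], "UserIdGroupPairs": []},
        {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8000,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [], "UserIdGroupPairs": []},
    ]}]}


def world_open_rules(response):
    """Return (group id, rule) for every inbound rule reachable from anywhere."""
    hits = []
    for group in response["SecurityGroups"]:
        for rule in group["IpPermissions"]:
            cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            # A /0 prefix (0.0.0.0/0 or ::/0) matches every source address.
            if any(ip_network(c).prefixlen == 0 for c in cidrs):
                hits.append((group["GroupId"], rule))
    return hits


def self_referencing(group_id, rule):
    """Same protocol and ports, but only from members of the same security group."""
    new = {"IpProtocol": rule["IpProtocol"],
           "UserIdGroupPairs": [{"GroupId": group_id}]}
    for key in ("FromPort", "ToPort"):  # absent when IpProtocol is "-1" (all traffic)
        if key in rule:
            new[key] = rule[key]
    return new


if __name__ == "__main__":
    for gid, rule in world_open_rules(SAMPLE):
        print("open to the internet:", gid, rule["IpProtocol"], rule.get("FromPort"))
        print("replace with:", self_referencing(gid, rule))
```

The dictionary returned by `self_referencing` has the shape boto3's `authorize_security_group_ingress` takes in `IpPermissions`; the world-open rule is removed with `revoke_security_group_ingress`.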
I have the following scenario:
A Windows PC (with local IP 192.168.0.10) in a small office running a server application on port N.
A smartphone app outside the office which connects to that server and requests data.
In order to make this work I have to do the following:
In the router of the office I open port N and forward requests to PC 192.168.0.10.
I give the (dynamic) IP address of the router to the smartphone user so he can type it in the app. I may use a dynamic DNS service to ease things up.
This works fine but now we want to sell this system to other people. The problem is that it will be very difficult for them to change the router settings, or to use a dynamic DNS service.
Is there a way I can connect the smartphone app to the server running inside the customer’s office without asking him to configure anything in the router?
I’m thinking of something like TeamViewer. TeamViewer can connect two computers easily and users do not need to know anything about routers, firewalls, port forwarding or dynamic IPs.
TeamViewer must be running some kind of server which works as a bridge between the two computers. We would like to provide such a server to our users (if it’s easy to implement and not very expensive), but we don’t know how.
I think that we could rent some service like www.dyndnsservices.com to provide a dynamic DNS to our customers, but that doesn’t solve the problem of router configuration/port forwarding.
If you wrote a nice, useful piece of software, I suggest you sell that; don't try to sell the service you know almost nothing about. It is usual for application servers to work (network-wise) in the same way as yours, and you don't often see software vendors selling network bridging/forwarding/whatever solutions.
So we have a local network at work that connects to the internet and can be accessed remotely from home. Every now and then the internet connection drops even though the local network is still functional. This prevents users from accessing the network remotely.
We need to have a backup computer which can be remotely accessed through a different internet connection (maybe a mobile stick or something). I am wondering if it is possible to have such a system setup where the computer is connected to the local network and at the same time use a different adapter to connect to the internet. The end result would be to have the remote user access network resources.
Any help would be much appreciated. I am thinking that the computer will treat the two connections as separate but I hope that I am wrong.
If you are using Windows Server then you can do that using routing and remote access protocol.
You can also use Microsoft Forefront Threat Management Gateway.
If you are an open source fan, then go for pfSense Community Edition, which is available on the Linux platform.
There are many other options as well. If you can let me know which platform you are planning on, then I can give you more details.
I found a tutorial that shows you how to create server and client programs, and make them communicate over a network.
http://www.win32developer.com/tutorial/winsock/winsock_tutorial_1.shtm
I can make a client program connect to, for example, 192.168.0.4 on my local network, and I can make it connect to 74.125.225.96. But what if I wanted to make it communicate with 192.168.0.4 on the network of 74.125.225.96, instead of just the default server on 74.125.225.96? I'm having a difficult time finding the answer with Google.
Is there even a way to do this? If not, then how are Gnutella and BitTorrent able to connect computers directly together to share files?
To do what you are asking, 74.125.225.96 would have to be assigned to a router that is configured to forward inbound connections on the target server port to the machine that is running 192.168.0.4.
BitTorrent and other file sharing apps use various techniques, like NAT traversal, hole punching, etc., to get connections through routers and firewalls. For example, if one party is behind a router/firewall and the other party is not, then the two apps first try to connect to each other in one direction, and if that fails then they reverse roles - client becomes server and server becomes client - and they try again. If that still fails, they could then connect to a middleman server that both parties have access to, and let it delegate the connections.
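The last fallback in the answer above, a middleman server that both parties connect out to, is also the bridge the earlier TeamViewer question asks about. The following is an added sketch, not code from any of the posts or from those products; the one-line session handshake, the names and the loopback demo are assumptions made for illustration.

```python
import asyncio


async def pipe(reader, writer):
    """Copy bytes one way until the sending side closes."""
    try:
        while data := await reader.read(4096):
            writer.write(data)
            await writer.drain()
    finally:
        writer.close()


def make_handler(waiting):
    async def handle(reader, writer):
        # Assumed handshake: the first line names the session. It has to be an
        # unguessable secret, because whoever presents it gets paired.
        session = (await reader.readline()).strip()
        if session not in waiting:
            waiting[session] = (reader, writer)  # first peer parks here
            return
        peer_reader, peer_writer = waiting.pop(session)
        # Second peer arrived: splice the two outbound connections together.
        await asyncio.gather(pipe(reader, peer_writer), pipe(peer_reader, writer))
    return handle


async def demo():
    server = await asyncio.start_server(make_handler({}), "127.0.0.1", 0)
    port = server.sockets[0].getsockname()[1]
    # Both sides dial OUT to the relay, so neither router needs a forwarded port.
    office_r, office_w = await asyncio.open_connection("127.0.0.1", port)
    office_w.write(b"session-demo\n")
    phone_r, phone_w = await asyncio.open_connection("127.0.0.1", port)
    phone_w.write(b"session-demo\nGET report\n")
    request = await asyncio.wait_for(office_r.readline(), 5)
    office_w.write(b"report: 42 rows\n")
    reply = await asyncio.wait_for(phone_r.readline(), 5)
    for w in (office_w, phone_w):
        w.close()
    server.close()
    return request, reply


def run_demo():
    return asyncio.run(demo())


if __name__ == "__main__":
    print(run_demo())
```

The relay sees every byte in the clear, so the two endpoints still need their own end-to-end encryption and authentication on top of it.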
I published a web application to one of the app servers. Now, if I am connected within my company network (no login required), I can access the web site no problem. Now, if I am connected from outside of the network over VPN, I can't access the website (getting "page not found"). Do I need to configure IIS on the app server to allow the connection over VPN?
Thanks for your time.
It sounds like you do not have your firewall/router configured correctly to allow traffic from external sources. When you're connected via VPN it is like you are connected to the internal network. Without the VPN you need to make sure it is routed correctly and visible through your firewall. Can you ping the IP that you are trying to get to?
Do you get DNS resolution when you connect over the VPN? If you are trying to hit an internal machine name address, you might try changing to the IP address of the machine.