Ignoring other possiblities such as Request.ServerVariables["HTTP_X_FORWARDED_FOR"], does Request.ServerVariables["REMOTE_ADDR"] gives me the "principal" IP of the client?
I'm talking about the IP that made the actual TCP connection.
Will ServerVariables["REMOTE_ADDR"] always be the "real" IP address of the remote endpoint?
Just to clarify: Even if it's a proxy who made the real TCP connection I'd like have its IP, and not a forwarded one.
Yes, except if its been through a NAT firewall. A NAT firewalled address would be masquerading many 192.168.x.x or any other private subnet behind a public IP address. So you'd be looking at the IP address of the NAT firewall (i.e. a Linksys Router or what have you).
Be warned that many cell phone carriers have HUGE NAT networks so they always look like they are coming from one or two public IP addresses.
The REMOTE_ADDR variable will be the IP of the system that directly connected to your web server to request the URL; so it would be the forward-most proxy server, if there is a proxy server.
Related
I sorry to botther with this...
I have a public IP 181.188.xxx.yyy and I have a Local IP range which is 192.168.10.0/24 on that range I have a Server which is 192.168.10.3 which runs different services on diffente ports, lets say Expressjs on 3000, Mongogb on 27017.
I have a Nat thar redirects from outside to public IP depending on the required port to the required service.
What I need to do, now is the inverse thing, detect when a local host is tryng to get an IP 181.188.xxx.yyy from internal network Mikrotik should forward to an Internal IP host.
Can Anyone lend me a hand with it please??
That you describe sounds like a hair pin nat because in the network topology a web server behind a router is on private IP address space, and the router performs NAT to forward traffic to its public IP address to the web server behind it.
Please see here for more info.
I am facing a very strange problem. I have a task to establish a TCP connection to a server who has a trusted IP. And I have to run the code in a host with private IP address. The trusted IP is 10.10.10.15, which is also a private IP. And the question arises that the IP address of my host and the trusted IP is not on the same network. To be specific, my IP address is 10.0.35.1/24. Please let me know if there is any solution to this problem
Presumably these subnets, i.e. 10.10.10.0/24 (?) and 10.0.35.0/24, are part of your local network. You will need a Layer 3 device to perform inter-VLAN routing.
This will be a router with Layer 3 VLAN interfaces, in the Cisco world they would be SVIs, that would be acting as the default gateway of the subnets in your network. What happens is all traffic that needs to go between two hosts between different networks, has to go through their default gateway and it will be routed to the destination network/VLAN.
As long as the network devices between the two clients are able to route packets between these networks, the hosts will be able to reach each other. In your code, you simply need to specify that these packets need to go to the private IP address of the other host.
Here is the scenario:
I have asked my ISP to give me public IP, which I can connect to my laptop and access from other outside network. They gave me following
IP : 103.51.2.198
subnet mask : 255.255.255.248
default Gateway : 103.51.2.193
preferred dns : 8.8.8.8
Alternate dns : 8.8.4.4
I have connected PPPoE connection in my laptop (not in router) and set these values at TCP/IP V4. My internet connection is fine.
But If I ping from other network by this IP (103.51.2.198), request is timed out.
Than I checked whatsmyrealip. and the IP is (103.51.2.102). this IP is a public IP of my ISP provider. And they are trying to give me an IP from that IP.
My ISP providers are not expert in networking nor am I. They are also not sure how they can give me a public IP.
I am not sure about what are they trying to do. and how will they give me another IP from a public IP. It will be very helpful, If anyone can explain the problem. and give a solution.
First of all, it's called public IP not "realIP".
Anyways, the answer for your question is:
You cannot access your home computer because it is behind NAT so it is unreachable from the outside of your network.
Quick example on how NAT works:
Scenario:
Private IP: 192.168.0.10
Public IP: 1.2.3.4
You are connecting to webserver on IP: 5.5.5.5
What happens:
You send data to your router, telling it that you want something from
5.5.5.5, your router assigns you a random port, let's say 11111,
sends the data with source IP 1.2.3.4 and port 11111. Stuff
happens on the webserver and the data comes back. Router reads it and
remembers that everything going to 1.2.3.4:11111 belongs to
192.168.0.10 so it sends you the data.
Here everything works because it's your computer the one starting the connection, otherwise, the webserver would never be able to connect to you.
How do I get the internal IP address and port of the local machine in a cross-platform way? Not internal within the LAN, but the ISP, so that other users of the ISP can connect? Is connecting to a VPS with a public IP enough to get the external IP and port outside the ISP? How to get the ISP subnet mask to know when another internal IP is within the NAT?
edit: Probably don't need this. NAT punch through is enough. Am I right that router's don't have the same traversal rules as ISP's?
A NAT's public IP address is its external IP address. I don't understand what you mean by internal IP address. By internal address usually is meant a device's local address.
All the users of an ISP is in local LAN if the ISP has only one NAT under which all the private IP address is assigned. Some ISPs has nested NATs. In that case users under different NATs are in different network.
You can get your NAT's external IP:Port by sending a stun request to a stun server. From the server's reply you can get your NAT's external/public IP:Port. If the users of an ISP are not in local LAN but under different NATs then using their external IP:port they can communicate.
I've some doubts about a VPN.
I've been given a Cisco VPN client to connect to the LAN of my society. I use this to connect to a local server. I don't understand how the VPN is working.
I'm at home now. In the VPN Client I see an IP. If I go to http://www.whatismyip.com/ I see another IP, which is the IP I've when I'm also without the VPN Client, while I expected to see the IP of the VPN Client. If I use $_SERVER['REMOTE_ADDR'] I see another (third!) IP, while I expected the IP I see in the VPN Client.
Can you clarify please?
I need this to know if I'm identifies always from the same IP from the local server.
If I'm not mistaken, this should be correct. Please correct me if I'm wrong.
By default you have 2 IP addresses.
Local IP: IP address used to identify yourself within your LAN.
Global IP: A public IP used to gain access to the internet. At home it will most likley be a public IP NATTED* by your ISP.
Because you're also using a VPN connection, you'll receive a third IP.
Local IP for VPN: IP address used to identify yourself on the other end of the VPN.
*NAT = Network Address Translation