I have about 15 web applications running in my network but I do not want to expose them all publicly for security reasons.
My idea is to have 14 of these applications running on port 443 and one application on port 1 (doesnt matter).
Only port 1 will be exposed publicly. Once you successfully authenticate on the application listening to port 1 your IP will be whitelisted for X hours and therfore you will gain access to ther other apps listening on port 443.
Is anybody aware of a solution that does this or do I have to build the solution on my own from scratch?
greetz
I have IIS Installed on Azure VM with one Website running on PORT 80 which is exposed over the internet via the following Azure Firewall Role
if I try to bind incoming traffic on any other port that is not PORT 80, for some reason the Firewall doesn't seem to allow it.
for Example, if have a website running on PORT 8080 and I try to Set Firewall roles from EXTERNAL IP to the Internal IP via PORT 8080... the Website is unreachable.
If the website runs on PORT 80 and the Firewall Role is via PORT 80.. than the site works.
does anyone have any idea/suggestions?
I would like to be able to Expose websites over the internet from the Same Web Server using different PORT for each one.
I've found the answer to my problem via this URL:
https://manage.accuwebhosting.com/knowledgebase/2886/How-to-configure-IIS-to-access-website-using-IP-address.html
Basically After create Inbound Firewall Role from Azure on port 8080, the next step is to Add in Windows Firewall a New Role to allow Incoming HTTP traffic via port 8080 or any other port that the Wibsite is binding.
hope this will help others.
I have an Azure Container Service (Swarm). I am running a docker-compose with multiple http aspi and websites in it's definition. How can I configure the the swarm agent to allow inbound traffic to those apis? (they are running on different ports). By default I can access an api or a website under the 80 port only.
By default the Load Balancer has ports 80, 8080 and 443 open.If you
want to connect on another port you will need to open that port on the
Azure Load Balancer for the Agent Pool.
There is a document shows you how to open more ports for your applications in Azure Container Service.
I've changed RDP port to 8080 in registry on my Azure Virtual Machine (Windows Server). Now it is not accessible from outside, I cant connect it.
Azure VM is managed by Resource Manager (not Classic VM).
UPDATE:
Turning secuiruty rules so allow all not helped.
I've changed RDP port to 8080 in registry on my Azure Virtual Machine
(Windows Server)
We can use CustomScriptextension to check if RDP listening on port 8080.
netstat -ant | findstr "8080"
If your port not listening on Port 8080, we may need to restart RDP service.
If RDP listening on port 8080, we can use CustomScriptextension to disable windows firewall.
netsh advfirewall set allprofiles state off
About Extension, we create a ps1 file with the command, and upload it via Azure portal.
Azure has to know to allow traffic through to your VM. By default, on a Windows VM, only RDP is open. But you (for some reason) changed the RDP port in Windows Server. You need to do this with the network interface as well, via the VM settings (which has nothing to do with Windows itself):
Via Settings, go to Network Interfaces
Select your network interface and go to Network Security Group
From network security group, add an inbound rule for port 8080 (or modify the existing RDP rule to be port 8080).
It used to be possible to change your RDP port in Classic portal using endpoints. but in RM portal you cannot change your RDP port.
If you are trying to secure your box or by pass the security firewall to connect to your box, I recommend using Azure Load Balancer NAT rules, you can create a NAT rule to translate a custom port to 3389, and then you can only allow connectivity from LB to your VM, this a trick I use when I want to by pass the corporate's firewall, for example port 443.
Make sure you attach the LB to your VM from the NAT rule section
To access any port from public ip client -
Enable port in Azure firewall (if installed)
Enable Port in Network Security Group (add inbound rule) rule like 8080 -> 8080 or rule like 80 -> 8080
Enable Port in Windows Firewall of VM (on azure) -- most important if port is other than 80 and 443. - e.g. 8080, 8090 etc..
I have a linux vm on Azure. I opened an inbound rule for port 20212 tcp and furthermore in created a rule in iptables to allow traffic to this port.
But when i do telnet 127.0.0.1 20212 i get a connection refused error and also when i do telnet SERVER-IP 20212 i get the same error. Is there any other step in need in opening a custom port on Azure VMs
There are 3 moving pieces to this puzzle:
Network Security Group allowing a port
Linux VM firewall allowing a port
Application that is running and listening on the port
It appears that you are missing the third one.