When I try to access APIs on my remote server which I am connected through VPN, I get this error. Any help is appreciated.
As you have noted you are using a vpn, what type ?
1-Split tunneling VPN - Can use Postman directly to the API as long as the API server/Firewall/Load Balancer accepts traffic from your local workstation/asset
2-Tunnel mode-tunnel mode - Can use Postman via proxy settings to the API as long as the API server/Firewall/Load Balancer accepts traffic from your local workstation/asset, see the following link Postman - Using a proxy
3-Tunnel mode-tunnel mode with Internet Connection Shaing disabled - In this case you can only use Postman on a remote server/workstation (within the private network) where the traffic is accepted by the API server/Firewall/Load Balancer
Related
I cannot seem to connect to my website running on Azure VM. I have looked through every single Azure docs.
I allowed incoming connections to port 80 per documentation:
I have a very basic Hello World nodejs app listening on port 80 (i confirmed this app works locally my own system):
I am attempting to connect to the site via the Public IP assigned to me that i see in Azure Portal:
The problem is any attempt to connect to 40.XXX.XXX.230:80 in Chrome simply times out.
I am new to VM's but i think something is wrong with port forwarding?
Another thing to check:
Remote desktop into the virtual machine, and confirm that the virtual machine's local firewall allows incoming HTTP and HTTPS connections.
I have a Ubuntu 16.04 instance on google cloud and I can ping the instance with it's public IP, I'm trying to run a nodeJS backend REST-API on it.. I have successfully check API on my local machine, along with mongoDB.
In terminal connection I can see nodeJS my server (API) is running, but I cannot access to it. I have try API calls by using web browsers and postman, but it giving following error after few seconds delay "Could not get any response - There was an error connecting to :" how to solve the issue and what might be the cause for this problem.
You need to open the necessary port in firewall rules section
Go to -> Cloud console -> Networking -> VPC networks -> Firewall Rules
Click create Firewall rules, Add a name, keep the rest in default and in the source ip ranges add 0.0.0.0/0 and in the Specified protocols and ports add tcp:<"your app port">
In addition to Kalana's answer, you should also add http-server in target tags.
I need to fetch data from external API, which has white-listed IP requirement i.e. API will respond only to white-listed IPs
I have multiple servers in AWS Autoscaling group that needs to fetch data from this external API. I intend to route these request via servers running on white-listed IP (AWS Elastic IPs).
I am trying to use socat:
socat -v TCP-LISTEN:80,reuseaddr,fork,su=nobody TCP:api.external-service.com:80. But getting Invalid URL error.
Is socat the right way to solve this problem? if so then how do I fix this issue?
You could set up a Squid proxy server on the machine with the white-listed IP and route all requests through the proxy.
http://www.squid-cache.org/
I have created successfully a Hybrid Connection (ServerA) and linked it to my Azure Web App. The status is successfully connected: ServerB:1010 is defined
On My On Premise machine (ServerA) I can connect to a HTTP Service which is running on ServerB:1010 but I can't install the Hybrid Connection Manager on ServerB because of other restrictions.
If I Use WebClient.UploadData('ServerB:1010', data[]) in my Azure Web App I receive following error.
Unable to connect to the remote server ---> System.Net.Sockets.SocketException: An attempt was made to access a socket in a way forbidden by its access permissions.
If I connect to a database server MySql or Oracle which are also accessible from this server I don't have any problems
I have created successfully a Hybrid Connection (ServerA) and linked it to my Azure Web App.
Remove it and add a Hybrid Connection to Server B instead. Install the Hybrid Connection Manager on Server A. The HCM will act as a reverse proxy.
Hybrid Connections do not care which server has the HCM installation as long as that server can reach the DNS name you specify in the New > Hybrid Connection Portal blade.
Example traffic flow for WebClient.UploadData('ServerB:1010', data[]):
Web App ---> Hybrid Connection ---> HCM on Server A ---> 1010/TCP on Server B.
<--- <--- <---
There's an easier way to test. Open the Kudu console and do
tcpping ServerB:1010
CORRECTION: The tcpping test is very misleading since you're handshaking the Azure-end of the Hybrid Connection, not the on-prem application's TCP endpoint. And that may happily reply to you even though the on-prem stuff is not connected. Here's what i mean:
Always test at application layer (e.g. with curl.exe http://webservice.corp.local from the Kudu Console)
You must use names instead of IP addresses. Use the full FQDN to reference ServerA and ServerB both in the Portal setup and in your code. Hybrid Connections work by intercepting DNS calls at OS level and resolving them to the magic 127.0.0.x which is then routed over the Hybrid Connection to on-prem.
TL;DR version:
Instead of
10.10.10.2:1010
use
ServerB.domain.local:1010
both in the Portal setup and when referencing the on-prem host in your code.
Here's what happens if you use an IP Address instead of name:
In Kudu's DebugConsole:
D:\home>nameresolver 192.168.0.4
Server: Default
Non-authoritative answer:
Name: 192.168.0.4
Addresses: 127.0.0.3
D:\home>tcpping 192.168.0.4:80
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.0.4:80
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.0.4:80
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.0.4:80
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.0.4:80
Complete: 0/4 successfull attempts (0%). Average success time: 0ms
D:\home>curl -s 192.168.0.4
This is iisstart.htm from IIS 8.5 on Windows Server 2012 R2, on-prem.
So depending on what APIs you call (APIs that take 192.168.0.4 as FQDN vs IP Address) it kinda works.
You can't use tcpping with Hybrid Connections. It doesn't really tell you anything. All that tells you is that you hit the local socket that will catch your TCP traffic headed to your HC endpoint. It doesn't actually go through the connection.
As far as using an IPv4 address with Hybrid Connections, it can work and yet sometimes it won't. The reason for that is that the feature functions by catching the DNS request. If you are using a client library in your application code that doesn't do a DNS lookup on IP addresses then it won't go over the Hybrid Connection.
The DNS name must resolve to the correct IP address from the host(s) where you have the Hybrid Connection Manager running.
Going to the original question, you need a Hybrid Connection defined for your endpoint of ServerB port 1010. The DNS name used for ServerB must resolve from the host(s) running the HCM. Your HCM needs network access to ServerB port 1010 and to Azure. Your status says Connected which means that your web app can talk to your Hybrid Connection Manager for that endpoint. So, test connectivity from the host running the HCM to your desired host:port endpoint. Use a DNS name if you can. I hope this unblocks you.
I am having a really wired problem with my home laptop.
Below is what I have done:
I have set up my own VPN via AWS.
I added VPN ip address to Azure SQL firewall ip table
By not having VPN, I can connect to Azure easily.
However, once I connect to the VPN, I got error when I try to connect to Azure.
Error message:
A connection was successfully established with the server, but then an
error occurred during the pre-login handshake. (provider: TCP
Provider, error: 0 - The specified network name is no longer
available.)
On the other hand, I can use VPN and connect to Azure SUCCESSFULLY from my office desktop.
I believe this is something to do with my Home laptop settings.
but even I disabled firewall on windows 7,
and after disable firewall on azure SQL as well.
I still having same connection problem
any ideas?
Try opening up the SQL Azure firewall to all addresses to do a test. Maybe when you VPN in, you are leaving through a proxy and so your actualy IP address to Azure is different. You can set up something like:
IP range start: 0.0.0.0
IP range end: 255.255.255.255
If that works, then maybe you can do something with masking your VPN address like:
10.10.0.0 - 10.10.255.255
By not having VPN, I can connect to Azure easily. However, once I connect to the VPN, I got error when I try to connect to Azure.
Some VPNs support co-existence with normal internet connections while others don’t. I am not sure if AWS VPN supports that or not. If not, when you connect to the VPN, you lose your internet connection and thus cannot connect to SQL Azure.
On the other hand, I can use VPN and connect to Azure SUCCESSFULLY from my office desktop.
If the issue is related to firewall setting, you can try to change the setting programmatically, please refer to http://blogs.msdn.com/b/sqlazure/archive/2010/07/29/10043869.aspx for a sample.
Best Regards,
Ming Xu.