We have an VisualSVN Server running on our development server. An external vendor needs to access / use it (primary via TortoiseSVN, sometimes by using the web interface).
Since our IT does not allow external access to internal servers, they need to use a webserver in the DMZ (Demilitarized Zone).
Is there a way to redirect the external SVN access from this DMZ-webserver to the internal development server (preferable by using IIS 7 on the DMZ server)
Related
I have two servers. First one is a server with ASP app on it and the second one is an LDAP auth server. I need to login on app server over LDAP on the second server and I need to use windows auth (NTLM or Negotiate). As I know based on my research to login on the server using active directory domain from other server they must be in the same local network. This can be established by VPN. But the thing is that I can't use a VPN. Can it be established somehow? I'm currently trying to configure IIS to not identify my user on my current domain and serve the credentials to remote server over LDAP using .Net. Sorry if I have a wrong understanding about something, I'm still newbie in windows auth and AD. Correct me if I wrong in something.
I'm using ASP.NET Core RC2 and IISExpress 10 on my local machine and my target framework is 452 due to using some old modules.
On remote app server I'm using IIS 8.5
I have a Win 2012 server with IIS 8 running on that. Also installed Management Service with Remote Access allowed.
Another admin-user account is used to set up few default websites and now when I login to the same server using my admin-user account, I cannot see anything in the IIS.
I have tried connecting to server as localhost and with computer name as well but not allowing me to connect.
Any help on this would be great.
Found the issue -
There is a firewall implemented for the domain users to access. And when I tried to login as an Admin who is not permitted by firewall, I am just able to access the machine and internally my IIS component is not able to connect with the localhost or local server.
I have IIS 7.5 installed. How can I configure a virtual directory so that it authenticates users against an instance of AD FS 2.0? I've tried modifying my web.config in a similar fashion to the way I modified it to work with C# web applications, but to no avail.
How I have my federated structure configured is The Local web server applications are located on Server 1, The Web server/Federation Proxy (Remote Access/Web Proxy Server) are located on Server 2, IIS is installed on both Server 1 and Server 2. SSL Port on Server 2 is the default (443). SSL Port on Server 1 is (465**){those are not actually the * character}. Server 2 (The server that actually receives the web requests from outside of the domain) Has Virtual directories located in the default inetpub folder. In IIS I redirect the virtual folder to The application on Server 1 (so if the application name on server 1 is server1.domain.com/AppliactionOne, the virtual directory on Server 2 is Named {/ApplicationOne} and is accessible from the address or domain you have forwarded in your external dns {external-address-or-domainName-for-server-2.com/ApplicationOne}. When setting up the forwarding address you need to forward the port for the address you configured in your router to Server 1 {https://external-address-or-domainName-for-server-2.com:465/ApplicationOne} and open the port on Server 1 external-address-or-domainName-for-server-2.com:465/ApplicationOne
This way the external Server 2 is still communicating authentication with the federation server. just be sure to set the reply address in your claims to have the port number configured for Server 1 and the same certificate installed as on your Server 2 Server.
I am developing a web app that is not doing anything fancy. The parent company wants to use a cloud based IIS service to support the web app and then submit the information to the client's local SQL servers through the internet and the client's firewalls.
Traffic isn't that much of an issue, we are talking about probably no more than 10 submissions daily per client. My question is with regard to connecting to the client's SQL servers and running the Stored Proc on each server.
We already have admin privileges on the firewalls and servers to do what we need to do to make anything happen.
What would be my best/reliable/secure method to implement this service?
Page asks for 10 items of info then submits to Stored Proc, that's it... with a local IIS server there is no problem, works nice. I want to make sure that the information stays secured, not just for the 10 items, but the SQL server and any security between it and the IIS server.
Any recommendations?
I would recommend setting up a VPN tunnel between the remote IIS server and the in-house SQL server. With a VPN tunnel, the SQL server is just like any other server on the network to the app.
We have an application that stores files on a file server in our LAN. Now, they want a web application to make the files available on our public web server (in the DMZ). What's the best method for accessing those files from the web application?
The options I've considered are:
FTP from the DMZ to the LAN server. (cheapest and easiest)
A second file server in the DMZ and the files are pushed to it from the LAN. (Better performance and security, but also more money)
Configure a reverse proxy in the DMZ which will talk to the web servers (web application) in the backend internal network. This should solve your problem as the real web application will be separated from the external world. Use firewalls, SSL, Client autentication for better security.
just avoid Demilitarized Zones (DMZ) all together! They're the "bluetooth" of networks