I am currently using a very simple OpenVPN setup where I connect from different devices to a OpenVPN server and then access a website that is being hosted by an Apache Server running on the same system. To reach that server, I have to use its IPv4 adress inside the VPN (e.g. 10.1.0.1).
I would like to use a 'real' name like myserver.local. Is there a way to do this without setting up a DNS server? Can the OpenVPN-Client maybe just add an entry to the local hosts-file?
Not without setting up a DNS server, but getting one to work is very easy and can be restricted behind the VPN.
I am using dnsmasq on Ubuntu 14.04 for exactly this purpose. Just install it and add all your hosts to the /etc/hosts-File in the following way:
# Clients on the VPN
10.8.0.1 vpn.lan vpn.lan
10.8.0.8 service1.lan service1
10.8.0.6 service2.lan service2
You can restrict dnsmasq, that it only listens to the tun0-Interface of OpenVPN by adding interface=tun0 to /etc/dnsmasq.conf. You can push the DNS server to your clients by adding push "dhcp-option DNS 10.8.0.1" to your /etc/openvpn/server.conf.
The downside of this solution is, that you have to add every server to /etc/hosts, but for a couple of servers I think it's ok.
Related
Note that I'm newbie in Argo tunnel
I have several servers in different locations and only a set of them exposed to the internet. (Lets say there is two sets, backend and frontend.
I want to coonect from frontend to backend using Argo tunnel like they are on the same machine. Lets say, I have setup Nginx with proxy_pass http://backendde:8008! Now, backendde is a name for one of my backends. (or set an IP like 10.25.36.1)
Maybe, my question can be: "How can I expose one server to another using Argo tunnel?"
Note that I cant edit /etc/hosts (its a PaaS/kubernate) so, I have to assign a fixed local IP for each instance.
I have this
/root/cloudflared tunnel --no-autoupdate run --token $TUNNEL_TOKEN --protocol http2 $TUNNEL_NAME
and I dont know how to set a fixed IP for my instances and then call this IP from another server (with argo setup)
Thanks in advance
what you want to do is called "connecting private networks" on Argo tunnels lingo.
You will need to deploy a "WARP" client on one end, and a cloudflared daemon on the other end, to be able to route traffic on the cloudflare edge network (without exposing the host to the internet).
See details here:
https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/connect-private-networks/
I have a centos 7.9 linux server with whm panel installed. Apache is installed directly on the domain names I created, I don't want to run apache on the subdomain of one domain name. I want to run a node js server. When I say "service httpd stop", they all shut down. What to do?
Network services don't bind themselves to specific hostnames. You have one Apache server running. Any connection to port 80 will connect to that server. Apache then looks at the host header in the HTTP request to determine which website to respond with.
If you want one site to use Node.js then you need to pick one of these options:
Configure Apache to act as a reverse proxy for the Node.js hosted server
Run the Node.js server on a different computer and point the host name at that computer
Have multiple network interfaces for the existing computer, with their own IP addresses, configure Apache to listen on one and Node.js to listen on the other, then point the hostnames at the right IP addresses.
(I don't recommend the last one as it is the most fiddly).
Trying to host a web site on my local Win 10 Pro machine withing IIS, provided I share the IP to my friends. My host file contains something like:
127.0.0.1 site1.com
127.0.0.2 site2.com
127.0.0.3 site3.com
127.0.0.1:1 site4.com
127.0.0.1:2 site4.com
123.45.5.6 site5.com
123.45.5.6:33 site5.com
They all work as expected except for the imaginary external ip (only for example), and adding the port or not makes not difference. Seems i've tried what makes sense, say my external is '1.2" Creating a host entry like
1.2 # or
1.2:Port # the external IP with port
Also attempted adding an exclusion for he firewall to help ensure the traffic is allowed by doing:
netsh advfirewall firewall add rule name="Open Port" dir=in action=allow protocol=TCP localport=81
Kind of lost what might be missing, any suggestions?
Thanks for he help.
First. There is no need to add port after IP address in hosts file. Port can be configured on IIS by setting binding.
Second. If you want to allow any web client can access the site host on local WIN10 pro, you need to make sure WIN10 pro and web client are in the same LAN. Otherwise it is need to buy a public domain and bind to WIN10 pro device.
Using Ping command is a great way to test traffic between devices. It can help you make sure if web client can create connection with WIN10 pro.
Well i have a machine and i want to do a very simple thing, on this machine i have 3 DNS records,
for example 111.111.111.111 is the ip of the machine itself
test1.whatever.net - 111.111.111.111
test2.whatever.net - 111.111.111.111
test3.whatever.net - 111.111.111.111
We would like the traffic coming through each DNS record to be
handled by each corresponding service.
Create 3 very simple scripts that act as a website using any language
or platform (suggested NodeJs), that echo the name of the service
when calling the DNS record (e.g. "service1", "service2" and
"service3").
how do i do that?
All of the services must run on port 80
The machine is AWS Linux 2
What http server are you using?
Usually you can solve this issue with creating virtual hosts. In Apache it would look like this: https://httpd.apache.org/docs/2.4/vhosts/examples.html
There you can define, based on the DNS request, which folder the webserver should use to present the client.
Another option, but this might be more complex, when you setup an nginx proxy. https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/
I host a web application on my laptop and I access it using 'localhost:9080/abc.com' and lets assume my IP is '192.168.10.20'
Now, I want my colleague to access this web application from his system 'web browser' by typing in '192.168.10.20:9080/abc.com'
As laptop is owned by 'company' I cannot install (or) use any third party softwares
How can I manage this on RHEL 6?
Assuming you're on the same network (LAN) then a client who connects to 192.168.10.20:9080 should have no problems (assuming the web aplication also listens to requests other than localhost).
If abc.com is just an "alias" you set up in your hosts file then no other person than yourself will be able to use abc.com to connect to 192.168.1.10.20, unless they have the same alias in their hosts file.
If you purchased a domain abc.com and set up it up to redirect to 192.168.10.20 it should work. But usually there are delays associated with updating a DNS so the time it takes for abc.com to be updated can take even a day.
Now if you have your colleagues on a different network (for example they want to connect from their homes when the laptop is connected to the internet at your place) it won't work with a bit of fiddling. Basically, when they try to connect the router gets a request from the client to connect to port 9080, but the router doesn't know what to do with it so nothing happens. You have to set up port forwarding in your routers settings so that all incoming traffic on port 9080 gets sent to 192.168.10.20.
And when they try to connect that way, they can not use the 192.168.10.20 ip adress, because it always refers to a adress on the local network. They have to use your external ip adress (google what is my ip adress).