Request for All Google IMAP IP Subnets - imap

I need to know all of Google's IMAP subnet addresses so I can allow bidirectional traffic on my company's firewall between ALL of Google's IMAP subnets and a specific internal client.
I've executed the command nslookup imap.gmail.com and received the following IP addresses in the results:
108.177.122.108
108.177.122.109
74.125.21.108
74.125.21.109
74.125.136.108
74.125.136.109
I want to make sure that I don't miss any IP addresses/subnets when I create the firewall rule on my company's firewall.
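An added example, not part of the original post: a coverage check that reports which of the addresses returned by the lookup above fall outside a candidate allow-list of CIDR blocks. The prefix list is constructed sample data in the layout Google uses for its published IP range files (a `prefixes` array of `ipv4Prefix`/`ipv6Prefix` objects); the function names are assumptions.

```python
import ipaddress
import json

# Constructed sample, NOT real published data. It deliberately omits the
# 108.177.x.x space and contains an overlapping entry so the merge and the
# gap report both have something to show.
SAMPLE_RANGES = json.loads("""
{"prefixes": [
  {"ipv4Prefix": "74.125.20.0/23"},
  {"ipv4Prefix": "74.125.136.0/24"},
  {"ipv4Prefix": "74.125.136.0/25"},
  {"ipv6Prefix": "2001:db8::/32"}
]}
""")

# Addresses returned by the nslookup in the question above.
OBSERVED = ["108.177.122.108", "108.177.122.109", "74.125.21.108",
            "74.125.21.109", "74.125.136.108", "74.125.136.109"]

def load_networks(doc, version=4):
    """Extract prefixes of one IP version and merge overlapping/adjacent ones."""
    key = "ipv4Prefix" if version == 4 else "ipv6Prefix"
    nets = [ipaddress.ip_network(p[key]) for p in doc.get("prefixes", []) if key in p]
    return list(ipaddress.collapse_addresses(nets))

def coverage(addresses, networks):
    """Map each address to the network that covers it, or None if no rule matches."""
    result = {}
    for text in addresses:
        addr = ipaddress.ip_address(text)
        match = next((n for n in networks
                      if n.version == addr.version and addr in n), None)
        result[text] = str(match) if match else None
    return result

def uncovered(addresses, networks):
    """Addresses that the candidate rule set would not allow."""
    return [a for a, net in coverage(addresses, networks).items() if net is None]

if __name__ == "__main__":
    nets = load_networks(SAMPLE_RANGES)
    for addr, net in coverage(OBSERVED, nets).items():
        print(f"{addr:16} -> {net or 'NOT COVERED'}")
```
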

Related

Why does isolated V3 App service Environment have 2 outbound IP?

Version 2 App Service Environment gives 1 outbound IP,
but with ver. 3 isolated App Service Environment I get 2 outbound IPs.
Background: I need to whitelist the outbound IP, and I would prefer to just whitelist 1 IP instead of 2.
Can I delete one of the outbound IPs?
With isolated, it seems like I cannot use virtual network NAT gateway to direct traffic through a static public IP address (app service vnet integration is greyed out)?
Thanks, Peter
Can I delete one of the outbound IPs?
There are 2 outbound IPs because there are 2 load balancers in the infra vnet for ASEv3. One IP is for the infra roles (Multi, FE, etc.) and the other is for the workers' outbound connection. We provide both as outbound IPs because outbound traffic could come from the workers (in the case of app outbound traffic) or from the infra layer (like getting KV references in custom DNS suffix).
Below is an ASEv3 architecture diagram.
You should account for both IPs or you may run the risk of blocking necessary traffic.
With isolated, it seems like I cannot use virtual network NAT gateway to direct traffic through a static public IP address (app service vnet integration is greyed out)?
For more details see: https://learn.microsoft.com/en-us/azure/app-service/networking/nat-gateway-integration

Connecting a Cloud Run Instance to External RabbitMQ Instance(CloudAMQP)

There is a VPC connector enabled with "Route all traffic through the VPC connector" and a firewall rule to allow all egress traffic for the VPC. Still, I am not able to connect to the RabbitMQ instance (CloudAMQP) due to a timeout.
I realized that the issue is about using the Cloud Run VPC accessor for all traffic without a NAT gateway. After creating a NAT gateway for the related VPC, the issue was resolved.
Using the VPC accessor for only the internal traffic can also help in this case. But if you need to use a static IP to route outbound requests to external endpoints, then you have to use Cloud Run + all traffic through VPC Accessor + NAT.

IIS local IP access externally with public IP

I have an ASP.Net MVC project that is running under IIS. I can reach it using local IP and port. I bind it with my IP and port.
What should I do to reach it with my public IP and port, like http://PUBLICIP:PORT?
When I try to reach it, it says connection error with code 502.
This is what I tried so far:
Adding my local IP to router's DMZ
Adding port forwarding with port and my local IP
Adding inbound and outbound rules to Firewall; inbound rules allow edge traversal.
Turning off firewall, Windows Defender, etc.
Do I need to install any features when I try to reach IIS externally?
Thanks all.

NAT (Redirect) outgoing traffic to a specific port

I'm trying to establish a connection with a Diameter server. That server has a restriction parameter of "peer port", which means the source port of my outgoing traffic should be restricted to a specific port.
Since I'm using an Erlang Diameter client, I didn't find any parameter to specify the outgoing port. It will initiate the connection with a random port to the destination ip:port.
Is there a way to translate my outgoing traffic to that IP locally to a specific port from Linux, so that the external server will see my source port as the allowed port?
You should apply a NAT at the sender side. Read this thread, it explains how to do it with iptables.

IP Port Redirection

I have a Silverlight->server communication system up that uses port 4530 among others. I've used no-ip.org to redirect traffic to my home server. Is there any way to use no-ip (or is there another service like it?) to allow me to ping off an IP at port 4530 etc., and send it to my dynamic IP?
