How to restrict a page to only be accessed through a VPNConnecting to VPN through a custom clientaccessing vpn database through eclipseHow to Access Database from server through a VPNVPN and local web accessHow to add own VPN settings to system VPN settings page?Access FTP server through vpn in ios applicationHow to remember password in FortiClient VPN?How to restrict the access IP of VPN usersLaravel API only accessible via vpnRestricting clients to 1 connection on multiple vpn servers
Where can I go to avoid planes overhead?
In Stroustrup's example, what does this colon mean in `return 1 : 2`? It's not a label or ternary operator
What does 'made on' mean here?
Floor of Riemann zeta function
How long would it take for people to notice a mass disappearance?
How can internet speed be 10 times slower without a router than when using a router?
Nominativ or Akkusativ
Did we get closer to another plane than we were supposed to, or was the pilot just protecting our delicate sensibilities?
Does a picture or painting work with Wild Shape?
How do inspiraling black holes get closer?
Is there an idiom that support the idea that "inflation is bad"?
How to increase the size of the cursor in Lubuntu 19.04?
Adjacent DEM color matching in QGIS
What to use instead of cling film to wrap pastry
Should homeowners insurance cover the cost of the home?
Why are UK Bank Holidays on Mondays?
What was Bran's plan to kill the Night King?
What does this wavy downward arrow preceding a piano chord mean?
Out of scope work duties and resignation
Can my company stop me from working overtime?
Can there be a single technologically advanced nation, in a continent full of non-technologically advanced nations?
I need a disease
Pressure inside an infinite ocean?
Emotional immaturity of comic-book version of superhero Shazam
How to restrict a page to only be accessed through a VPN
Connecting to VPN through a custom clientaccessing vpn database through eclipseHow to Access Database from server through a VPNVPN and local web accessHow to add own VPN settings to system VPN settings page?Access FTP server through vpn in ios applicationHow to remember password in FortiClient VPN?How to restrict the access IP of VPN usersLaravel API only accessible via vpnRestricting clients to 1 connection on multiple vpn servers
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
My goal is to make the route /secret only accessible if you are signed on to my VPN.
I have a sophos utm vpn running.
I have a VPC with ipv4 cidr 172.15.0.0/16. My sophos vpn uses subnets 172.15.2.0/24 and 172.15.3.0/24.
My application is deployed as 3 microservices in an ECS cluster: a front-end that has nginx running, a backend, and a proxy service that handles requests from the browser to the backend.
My nginx configuration is like this:
server
listen 80;
root /app/dist;
try_files /system/maintenance.html $uri $uri/index.html $uri.html;
server_tokens off;
location /
try_files $uri /index.html =404;
add_header Cache-Control "public";
gzip on;
gzip_min_length 1024;
expires 15m;
gzip_types
text/plain
text/css
application/javascript
application/x-javascript;
location ~* .js
expires 48h;
location = /secret
# allow the VPN
allow 172.15.2.0/24;
allow 172.15.3.0/24;
deny all;
location /ping
default_type text/plain;
return 200 "pingn";
/secret is indeed blocked when off the vpn... but it's also blocked when I'm on the vpn.
In my logs, when I try to hit the endpoint, I see [error] 6#6: *10 access forbidden by rule, client: 10.1.12.6, server: , request: "GET /secret HTTP/1.1", host: "myhost.com"
That 10.1.12.6 ip address, however, is just the internal ip address of the application in ECS.
How can I correctly use my vpn to restrict access to a route?
vpn vpc
asked Mar 22 at 23:59
swagrovswagrov
667317
add a comment |
My goal is to make the route /secret only accessible if you are signed on to my VPN.
I have a sophos utm vpn running.
I have a VPC with ipv4 cidr 172.15.0.0/16. My sophos vpn uses subnets 172.15.2.0/24 and 172.15.3.0/24.
My application is deployed as 3 microservices in an ECS cluster: a front-end that has nginx running, a backend, and a proxy service that handles requests from the browser to the backend.
My nginx configuration is like this:
server
listen 80;
root /app/dist;
try_files /system/maintenance.html $uri $uri/index.html $uri.html;
server_tokens off;
location /
try_files $uri /index.html =404;
add_header Cache-Control "public";
gzip on;
gzip_min_length 1024;
expires 15m;
gzip_types
text/plain
text/css
application/javascript
application/x-javascript;
location ~* .js
expires 48h;
location = /secret
# allow the VPN
allow 172.15.2.0/24;
allow 172.15.3.0/24;
deny all;
location /ping
default_type text/plain;
return 200 "pingn";
/secret is indeed blocked when off the vpn... but it's also blocked when I'm on the vpn.
In my logs, when I try to hit the endpoint, I see [error] 6#6: *10 access forbidden by rule, client: 10.1.12.6, server: , request: "GET /secret HTTP/1.1", host: "myhost.com"
That 10.1.12.6 ip address, however, is just the internal ip address of the application in ECS.
How can I correctly use my vpn to restrict access to a route?
vpn vpc
asked Mar 22 at 23:59
swagrovswagrov
667317
add a comment |
My goal is to make the route /secret only accessible if you are signed on to my VPN.
I have a sophos utm vpn running.
I have a VPC with ipv4 cidr 172.15.0.0/16. My sophos vpn uses subnets 172.15.2.0/24 and 172.15.3.0/24.
My application is deployed as 3 microservices in an ECS cluster: a front-end that has nginx running, a backend, and a proxy service that handles requests from the browser to the backend.
My nginx configuration is like this:
server
listen 80;
root /app/dist;
try_files /system/maintenance.html $uri $uri/index.html $uri.html;
server_tokens off;
location /
try_files $uri /index.html =404;
add_header Cache-Control "public";
gzip on;
gzip_min_length 1024;
expires 15m;
gzip_types
text/plain
text/css
application/javascript
application/x-javascript;
location ~* .js
expires 48h;
location = /secret
# allow the VPN
allow 172.15.2.0/24;
allow 172.15.3.0/24;
deny all;
location /ping
default_type text/plain;
return 200 "pingn";
/secret is indeed blocked when off the vpn... but it's also blocked when I'm on the vpn.
In my logs, when I try to hit the endpoint, I see [error] 6#6: *10 access forbidden by rule, client: 10.1.12.6, server: , request: "GET /secret HTTP/1.1", host: "myhost.com"
That 10.1.12.6 ip address, however, is just the internal ip address of the application in ECS.
How can I correctly use my vpn to restrict access to a route?
vpn vpc
asked Mar 22 at 23:59
swagrovswagrov
667317
My goal is to make the route /secret only accessible if you are signed on to my VPN.
I have a sophos utm vpn running.
I have a VPC with ipv4 cidr 172.15.0.0/16. My sophos vpn uses subnets 172.15.2.0/24 and 172.15.3.0/24.
My application is deployed as 3 microservices in an ECS cluster: a front-end that has nginx running, a backend, and a proxy service that handles requests from the browser to the backend.
My nginx configuration is like this:
server
listen 80;
root /app/dist;
try_files /system/maintenance.html $uri $uri/index.html $uri.html;
server_tokens off;
location /
try_files $uri /index.html =404;
add_header Cache-Control "public";
gzip on;
gzip_min_length 1024;
expires 15m;
gzip_types
text/plain
text/css
application/javascript
application/x-javascript;
location ~* .js
expires 48h;
location = /secret
# allow the VPN
allow 172.15.2.0/24;
allow 172.15.3.0/24;
deny all;
location /ping
default_type text/plain;
return 200 "pingn";
/secret is indeed blocked when off the vpn... but it's also blocked when I'm on the vpn.
In my logs, when I try to hit the endpoint, I see [error] 6#6: *10 access forbidden by rule, client: 10.1.12.6, server: , request: "GET /secret HTTP/1.1", host: "myhost.com"
That 10.1.12.6 ip address, however, is just the internal ip address of the application in ECS.
How can I correctly use my vpn to restrict access to a route?
vpn vpc
vpn vpc
asked Mar 22 at 23:59
swagrovswagrov
667317
asked Mar 22 at 23:59
swagrovswagrov
667317
asked Mar 22 at 23:59
swagrovswagrov
667317
asked Mar 22 at 23:59
swagrovswagrov
667317
asked Mar 22 at 23:59
swagrovswagrov
667317
667317
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55309248%2fhow-to-restrict-a-page-to-only-be-accessed-through-a-vpn%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55309248%2fhow-to-restrict-a-page-to-only-be-accessed-through-a-vpn%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
