• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Any Azure Guru's among the forums?

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    Any Azure Guru's among the forums?

    I have an instance on azure that I would like to restrict who can access it, I have created an inbound rule which whitelists the source by IP, but as I am not on a static IP ideally I'd like to use a DNS name to whitelist access, is this possible? If not is there an alternative, I am looking at my ISP for a static IP but hoping for another route if they say no, or if I change ISP down the line
    Originally posted by Stevie Wonder Boy
    I can't see any way to do it can you please advise?

    I want my account deleted and all of my information removed, I want to invoke my right to be forgotten.

    #2
    Originally posted by SimonMac View Post
    I have an instance on azure that I would like to restrict who can access it, I have created an inbound rule which whitelists the source by IP, but as I am not on a static IP ideally I'd like to use a DNS name to whitelist access, is this possible? If not is there an alternative, I am looking at my ISP for a static IP but hoping for another route if they say no, or if I change ISP down the line
    No it’s why I use virgin business broadband. Equally however your ip address usually doesn’t change that often
    Last edited by eek; 29 November 2017, 20:15.
    merely at clientco for the entertainment

    Comment


      #3
      Originally posted by SimonMac View Post
      I have an instance on azure that I would like to restrict who can access it, I have created an inbound rule which whitelists the source by IP, but as I am not on a static IP ideally I'd like to use a DNS name to whitelist access, is this possible? If not is there an alternative, I am looking at my ISP for a static IP but hoping for another route if they say no, or if I change ISP down the line
      You can use a dynamic DNS service. Lots of free ones around if you google, or paid ones that support multiple addresses / domains etc.

      They assign you a DNS name entry against the initial IP you give them and run a client on the machine you need access for that automatically detects IP changes and update the DNS in real time.
      "Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.

      Comment


        #4
        We have some sub contractors in a similiar boat connecting to multiple differernt azure subscriptions. (Infact when we had it opened, there was a large number of brute force connections against servers with public IPs)

        The way we got around it was to setup a Point to Site VPN and they connect in to where they are required. We then lock down the environments to only local IPs.

        Comment


          #5
          Originally posted by DaveB View Post
          You can use a dynamic DNS service. Lots of free ones around if you google, or paid ones that support multiple addresses / domains etc.

          They assign you a DNS name entry against the initial IP you give them and run a client on the machine you need access for that automatically detects IP changes and update the DNS in real time.
          I use noip.com to give me the DNS name, and any IP changes get picked up automatically (I am using this to VPN into my network) I just wanted to be able to set the inbound rule on Azure to the DNS name rather than an IP address.

          Originally posted by ctm View Post
          We have some sub contractors in a similiar boat connecting to multiple differernt azure subscriptions. (Infact when we had it opened, there was a large number of brute force connections against servers with public IPs)

          The way we got around it was to setup a Point to Site VPN and they connect in to where they are required. We then lock down the environments to only local IPs.
          I think this will have to be the solution I use
          Originally posted by Stevie Wonder Boy
          I can't see any way to do it can you please advise?

          I want my account deleted and all of my information removed, I want to invoke my right to be forgotten.

          Comment


            #6
            Originally posted by SimonMac View Post
            I use noip.com to give me the DNS name, and any IP changes get picked up automatically (I am using this to VPN into my network) I just wanted to be able to set the inbound rule on Azure to the DNS name rather than an IP address.



            I think this will have to be the solution I use
            How about this?

            https://blogs.endjin.com/2014/09/res...-whitelisting/
            "Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.

            Comment


              #7
              Originally posted by DaveB View Post
              That would be perfect, if I was using IIS, even if I was using Apache it would be possible using .htaccesss, but it's a Splunk instance which uses something called CherryPy for it's webserver
              Originally posted by Stevie Wonder Boy
              I can't see any way to do it can you please advise?

              I want my account deleted and all of my information removed, I want to invoke my right to be forgotten.

              Comment


                #8
                Originally posted by SimonMac View Post
                That would be perfect, if I was using IIS, even if I was using Apache it would be possible using .htaccesss, but it's a Splunk instance which uses something called CherryPy for it's webserver
                Well if you'd said that in the first place.....
                "Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.

                Comment


                  #9
                  Originally posted by DaveB View Post
                  Well if you'd said that in the first place.....
                  I was trying to set it at the Azure level, not the VM level
                  Originally posted by Stevie Wonder Boy
                  I can't see any way to do it can you please advise?

                  I want my account deleted and all of my information removed, I want to invoke my right to be forgotten.

                  Comment


                    #10
                    You could do it with the firewalls available on the marketplace. But not sure there is quite the business case for the cost.

                    The cisco ASA-v would do this for example.

                    Comment

                    Working...
                    X