防火墙前面的Internet服务器与防火墙C#之后的服务器进行通信
[英]Internet Server in front of Firewall communicating to server behind firewall C#
问题描述
Okay so this is probably a very confusing title for this question I am sure. 
好的,我敢肯定,这可能是这个问题的标题。 Hopefully I can clear up that title with the actual question. 希望我可以用实际的问题来澄清那个标题。
I am putting together a website for employees to connect to that is internet facing but I want them to be able to log into the site using their Active Directory login as well as access data that will be behind a firewall that is not accessible to our internet facing sites. 我正在建立一个供员工连接的面向Internet的网站,但我希望他们能够使用其Active Directory登录名登录该站点,并访问位于我们的Internet无法访问的防火墙后面的数据面对网站。 Someone made mention to me that I could have the site communicate with a server behind the firewall and have that server make the requests back and forth. 有人提到我,我可以让站点与防火墙后面的服务器通信,并让该服务器来回发送请求。 (Sort of a check point) So now that the back story to this is out there, I am not really looking for how to configure the server's or the network itself but rather how would one make an API call to an Intranet server from an Internet server? (检查点的排序)所以现在为止,我没有真正在寻找如何配置服务器或网络本身,而是如何从Internet进行API调用Intranet服务器服务器? They will be on the same network but one behind the firewall and the other in front of the firewall. 它们将位于同一网络上,但一个在防火墙后面,另一个在防火墙前面。 Would you make the call directing to the server name or IP address or what? 您会直接呼叫服务器名称或IP地址还是什么? This may be too premature of a question to be asking since I still don't have the servers setup but none-the-less it is a concern I am having and need to figure out. 这可能是一个太早的问题,无法提出,因为我仍然没有设置服务器,但是尽管如此,我仍然有这个问题,需要弄清楚。
This site is going to be all done in ASP.NET MVC 4 该站点将全部在ASP.NET MVC 4中完成
1 个解决方案
解决方案1
0 已采纳 2014-01-02 19:02:58
The best way to accomplish this type of a setup is via firewall and/or domain configuration. 完成此类设置的最佳方法是通过防火墙和/或域配置。 Most recently I have seen this implemented by first creating a one way trust relationship between the external and internal domains, this will serve to allow the external application to resolve the address of the internal server by name. 最近,我看到了通过首先在外部和内部域之间创建单向信任关系来实现此目的的方法,这将使外部应用程序可以按名称解析内部服务器的地址。
Theoretically you could also accomplish this by using port forwarding on the firewall; 从理论上讲,您也可以通过在防火墙上使用端口转发来完成此操作。 in this configuration the external application will use the address of the firewall and the firewall will take care of sending the request to the correct server. 在此配置中,外部应用程序将使用防火墙的地址,并且防火墙将负责将请求发送到正确的服务器。
Once this confiugration is in place your external application should be able to communicate directly with your internal servers without any special code. 一旦配置成功,您的外部应用程序就应该能够直接与内部服务器通信,而无需任何特殊代码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.