| Posted by Diji1, 10-29-2012, 07:24 AM | | Hi - first of all I'm not even sure if this is possible. I can't find a lot of information regarding it but it maybe because I just don't know what to search for. I'm fairly proficient with computers though.
This is what I want to know how to do:
Say I have a server running Windows Server (can be 2003 or 2008 if it matters). The server has multiple IP addresses allocated to it.
I want to use the IP addresses *as if they were remote high anonymous proxies*. I want all traffic to and from each application to use the same IP address and I want to be able to add the IP addresses to applications in the same way I would a remote proxy (presumably using 127.0.0.1:port)
So for each 127.0.0.1:port address traffic travels like so:
application <-> localhost <-> internet facing IP address <-> remote site
Is this even possible? I know I can do this using a seperate Linux VPS running squid but I'm curious as to if it can be done on one server running windows.
|
| Posted by jwieder, 10-29-2012, 12:38 PM | | Can you clarify what you mean by "remote high anonymous proxies"?
I imagine that introducing a VPN server role would accomplish most of what you want to do, which based on the description I understand to be introducing NAT into a secure server environment.
With a VPN, applications are assigned a private IP, which is translated to a public/routable end point IP address. The routable IP can be configured on the server (using for example L2TP server role), or at a router or VPN appliance configured between the server and its outbound network connection.
If anything else is required by your project, let us know!
|
| Posted by Diji1, 10-29-2012, 03:42 PM | | High anonymous proxy" (also known as Level 1 or L1 proxy) means it doesn't reveal the originating IP or that the IP is a proxy - I realise revealing the originating IP is irrelevant in this case obviously since it's allocated to the server.
The problem with using a VPN setup is that multiple IP's cannot be used simultaneously. Various applications (for example Scrapebox) take lists of proxies and run threads across simultaneous IP's.
|
| Posted by Diji1, 10-29-2012, 04:29 PM | | Various applications (for example Scrapebox) take lists of proxies and run simultaneous threads across IP's (means tasks get done 10x faster using 10 threads vs. 1).**
Sorry, last sentence makes more sense like this ... kinda annoying how you cannot edit posts after 15 minutes here.
|
| Posted by BestServerSupport, 10-30-2012, 08:53 AM | | If you really want a proxy that offers high anonymity - you have to either know a system administrator who can set up and configure it for you or you have to pay for someone to run it properly, securely and discretely.
|
| Posted by Diji1, 10-30-2012, 09:20 AM | | Well sure - in the proxy world this level of being "anonymous" (hiding source IP and not being detectable as a proxy) is referred to as 'high anonymous' or L1. That's just what it's called amongst lay people.
No one's going to be hacking the pentagon using them though
|
| Posted by jwieder, 10-30-2012, 02:03 PM | | Hi Diji -
Thank you for the clarification. I'm still not entirely clear on the details but perhaps this will help:
"The problem with using a VPN setup is that multiple IP's cannot be used simultaneously." - I'm not entirely sure about this. PPTP VPNs can have a pool of local IP addresses that are used for the local side of the connection, and there is no exclusive remote end point IP address that is needed to stay static in the way that a site to site VPN requires. The same goes for public IP assignment (PPTP allows for multiple publicly routable IPs to serve the connections) Some customization would be required to have your application initiate a tunnel, and because I'm not sure what the application is, I'm not sure if you will have control over the other side of the connection.
Other options worth exploring - ARR and NLB. Both provide for the ability to create rule based routing with NAT. I have used software load balancers to divy up localhost traffic (ldirectord in CentOS) but I have not with Windows - I'm not sure if you can, say, use ARR to configure localhost routing rules or if it forces you to use hosts other than the host running the LB (I've just never had a reason to try to configure it that way with Windows), like how adding a VPN server role forces you to use a second NIC even if it is not technically required. Anyway, those options might be worth exploring a bit. The last possibility that comes to mind, is possibly writing your own project using WCF(WS-Addressing).
Hope these ideas help. Windows servers are not commonly used for these types of projects, due to GUI resource overhead. Perhaps that will start to change a bit with the release of Server Core with 2012, which is command line and powershell only (no gui!)
|
| Posted by Diji1, 10-30-2012, 04:19 PM | | Ah, now that's interesting - at least it gives me something to look at further anyhow. If correct that sounds like it could work in theory anyhow.
Thanks!
|
|
 Add to Favourites
 Print this Article
|
