Cell C - Static IP address

I need to present a static IP so that a client can white list it in their firewall. I am on ADSL and our IP is dynamic. A proxy seems like an easy enough way around this but the exit IP would need to be static. Does anyone have a proxy that does this (I can't figure out whether any proxies listed on Google have a single exit IP).
 
trancehead said:
I need to present a static IP so that a client can white list it in their firewall. I am on ADSL and our IP is dynamic. A proxy seems like an easy enough way around this but the exit IP would need to be static. Does anyone have a proxy that does this (I can't figure out whether any proxies listed on Google have a single exit IP).
Click to expand...

Only way to get static IPs on 3G is with a corporate APN. Both Vodacom and MTN offer them, but prepare for spending $$$.

What's the point of using a public proxy to limit your access from if it's public? You should rather be setting up a VPN.
 
morkhans said:
Only way to get static IPs on 3G is with a corporate APN. Both Vodacom and MTN offer them, but prepare for spending $$$.

What's the point of using a public proxy to limit your access from if it's public? You should rather be setting up a VPN.
Click to expand...

They have a firewall which blocks all IP addresses except those that are white listed. I can't white list my current IP as it would change to often. I suppose they might have a problem with opening an IP address that anybody has access to. Do you get private proxy services where only you have a single exiting IP address?
 
trancehead said:
I need to present a static IP so that a client can white list it in their firewall. I am on ADSL and our IP is dynamic. A proxy seems like an easy enough way around this but the exit IP would need to be static. Does anyone have a proxy that does this (I can't figure out whether any proxies listed on Google have a single exit IP).
Click to expand...

Well there are ways to bypass this but I am very sure that this client will not go for either one of them.

First option is to allow the Cell C network range but ja you are opening that up to all Cell C 3g users then, which is a bad thing.

The second option is for you to register a domain name with someone like DynDNS. If they are using IPtables or something similar they simply have to write a quick script to do an nslookup on that DNS name. Check if it has changes since the last check, if not do nothing, if it has delete old rule from firewall config and inject the new IP address. Schedule this to run via a cronjob every 10 minutes or however they feel is needed. You just need to make sure that your DNS client is working correctly and updates regularly. And there you go. A dynamic firewall rule to allow your IP. But don't even bother I can promise you they will not be keen to implement such a work around.

I have to ask what kind of a service is this that only "whitelisted" IPs are allowed to connect. In a case such as this I would setup a VPN and allow the people that need connections to come in via the VPN and then only allow the VPN access to the service. They are obviously worried about security but I don't think this is being implemented correctly. You can't create a system where only people with static IPs can connect to, it just isn't good service delivery.
 
The second option is for you to register a domain name with someone like DynDNS. If they are using IPtables or something similar they simply have to write a quick script to do an nslookup on that DNS name. Check if it has changes since the last check, if not do nothing, if it has delete old rule from firewall config and inject the new IP address. Schedule this to run via a cronjob every 10 minutes or however they feel is needed. You just need to make sure that your DNS client is working correctly and updates regularly. And there you go. A dynamic firewall rule to allow your IP. But don't even bother I can promise you they will not be keen to implement such a work around.
Click to expand...

It is a huge multi-national so they are unlikely to even consider this.

I have to ask what kind of a service is this that only "whitelisted" IPs are allowed to connect. In a case such as this I would setup a VPN and allow the people that need connections to come in via the VPN and then only allow the VPN access to the service. They are obviously worried about security but I don't think this is being implemented correctly. You can't create a system where only people with static IPs can connect to, it just isn't good service delivery.
Click to expand...

We do web development for them and their DEV and QA sites are behind the firewall. presumable they don't want people visiting these sites before they are live. I need to see it so that I can check that all my changes have gone through.
 
trancehead said:
It is a huge multi-national so they are unlikely to even consider this.



We do web development for them and their DEV and QA sites are behind the firewall. presumable they don't want people visiting these sites before they are live. I need to see it so that I can check that all my changes have gone through.
Click to expand...

If it is a huge multi-national they really should have a VPN solution in place which will solve your problem. The other option is for you to get a server hosted somewhere preferably one that allows you console access. Setup an authed proxy on this server, or tunnel your connection via this server or something like that.
 
We do have a server in the states that I could use. I just don't feel like trying to get a proxy up and running on it as it is a web server with clients websites on it.
 
Logo said:
If it is a huge multi-national they really should have a VPN solution in place which will solve your problem. The other option is for you to get a server hosted somewhere preferably one that allows you console access. Setup an authed proxy on this server, or tunnel your connection via this server or something like that.
Click to expand...

VPN should be the way to go.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X