Share via

Azure Web app to act as a of reverse proxy (with a fixed IP)

Greg Booth 81 Reputation points
2020-07-07T15:50:57.187+00:00

Hi
We need to make a web service call as follows:
a) System A makes a web service call to System B and gets data back.
Unfortunately system B needs system A to have a fixed IP address (this is how it authenticates - it will only accept requests from a know fixed IP). Unfortunately system A cannot have a fixed IP address (as its a Dynamics 365 portal - and these can have one of a massive range of IP addresses).

So we need to put something in the middle - such that
System A - calls to system C (which has a fixed IP address) - and then this makes the call to system B) - gets the result and sends the answer back to system A.

This sounds like the sort of thing you used to be able to do on our own network using IIS and ARR - but we want to do it on the internet - and it seems to be possible using an Azure web app with an Application Request Routing policy.

Has anyone done this - or is there a better way of doing this ?
Can anyone point me to some resources where we can learn how to set this up.

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,242 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Matt Slater 6 Reputation points
    2020-07-08T08:07:56.383+00:00

    @goofygdog,

    A few options for you to consider:

    1. API Management

    You can use Azure API Management, which quickly provides an API Gateway directly in front of your Web App (so sits between System A and System B).
    API Management also has a static public IP Address.

    https://azure.microsoft.com/en-gb/updates/azure-api-management-now-supports-integration-with-azure-app-service/
    https://learn.microsoft.com/en-us/azure/api-management/get-started-create-service-instance

    Furthermore, if you do find that you ever need the originating IP address of System A, you can pass this to your backend using HTTP headers.
    API Management can be expensive though - depending on the scaling and performance needs of your service, so take this into consideration if this is a concern.

    2. NGINX Reverse Proxy

    An alternative approach is that you can deploy a second app service/container, which runs NGINX and can perform the work of a reverse proxy, and which sits directly in front of your System B. This is more involved, but will give you greater control.

    The following example describes setting up a reverse proxy to forward requests to a .NET Core 3.1 app, but the principle is the same with any backend service.
    https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx?view=aspnetcore-3.1

    Regards,
    Matt.

    1 person found this answer helpful.
    0 comments
  2. Krishnaraj Poojary 1 Reputation point
    2020-07-08T06:21:57.617+00:00

    Hi @goofygdog,

    Allowing your web app(system A's) outbound IPs on system B's firewall/IP restrictions is one of the option.

    Here is the link which might be helpful for you
    overview-inbound-outbound-ips

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.