0

We have an Android App and a website that requires connection to local database.

Working Scenario is

Online Website (.net) is in one dedicated virtual server with public ip. Then we have another public ip mapped to a local Server that has database access. So there we configured API through IIS. So any request coming to database from online website goes through this. In this way I can limit public access to the local IIS Server only from dedicated server ip.

Now my problem is in Mobile app, app has no connection to online website. So any database request from the app is going through "public ip mapped local server". So in this case cannot limit the public ip's in firewall to access the local server.

What should I do, please help me

Connectivity Diagram

js777
  • 1
  • 2
  • So the mobile app is directly accessing the database using a database protocol? A better design would be to provide a REST interface on the web-server that is used by mobile app and web-site. – Robert Jan 30 '21 at 11:51
  • @Robert IIS API webserver is configured in local server mapped to public ip, Mobile app is communicating through that to database. I need a setup that limit the access to that public ip, now I have to allow every one for the app. Is there a way I can deploy this in dedicated server and communicate to database through local server. – js777 Jan 30 '21 at 12:17
  • Sorry based on your description the server-set-up and the connections are not clear to me. May be I am missing the necessary background to understand it. – Robert Jan 30 '21 at 12:33
  • @Robert please check the image. – js777 Jan 30 '21 at 12:48
  • Sorry but I still don't understand your problem. If the web server should be accessible by any mobile device running your app of course you can not restrict access on IP level - that is kind of obvious. You need an authentication system on web server level that allows only authorized users (no matter if they use the app or the web site). – Robert Jan 30 '21 at 13:04
  • @robert we have authentication in webserver to allow only authorized users, but I'm afraid of this all traffic hitting to our firewall. We have a dedicated virtual server with public ip, so is there any way we can copy this API there and point that to internal webserver. In that case I can only allow that IP in our firewall – js777 Jan 30 '21 at 13:19

0 Answers0