-->

Heroku app calling external web service on a VPN [

2020-07-09 06:44发布

站内文章 / 前沿技术

105 0

狗以群分

女 | 书童

私信

可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效，请关闭广告屏蔽插件后再试):

问题:

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 2 years ago.

Improve this question

So, we have a Heroku app.
We have a web service running on an intranet.
That intranet needs a VPN connection for outsiders to connect.
We want our Heroku app to call the web service on the intranet, via VPN.

How would you tackle this?

Some thoughts....

Heroku doesn't seem to have a VPN client we can activate on our app :(

I'm aware some routers can handle the VPN gubbins for us. Is there an online service that let's us setup a VPN proxy to our intranet site?

Thanks in advance

回答1:

It's not going to be possible I'm afraid, certainly at least not via VPN. Heroku uses Amazon EC2 so you can't even narrow it down to an IP range to permit access. Heroku is a closed system so you can't install additional components so unless it's something accessible via http/https then it's a no go.

回答2:

I think you could use a static ip address add on to ensure your app connected via that ip address.

https://devcenter.heroku.com/articles/quotaguardstatic

But I don't know how that gets you to a VPN.

回答3:

If your company have Heroku Enterprise, looks like it could be done within Private Space: [https://blog.heroku.com/heroku_private_spaces_are_now_generally_available_within_heroku_enterprise]

[https://devcenter.heroku.com/articles/private-spaces]

Otherwise the easiest way I could think of is to spin up an proxy server in your DMZ that is restricted access from your Heroku app... with setting static IP suggestion above from mooreds.