IP addresses for traffic from Google App
750 views
Skip to first unread message
liu
Jun 30, 2011, 4:50:53 AM6/30/11
to Google App Engine
Dear all,
We are setting up a network locally which is protected by a firewall,
and we also have an application running on Google app engine to pull
the data out of the network remotely. The problem is how I can
whitelist the IP addresses for the traffic flow between the local
network and the application running on google app engine please? I
can't find any IP address range for the google app engine, so that I
can put them in the allowable list at the firewall.
Any helps and suggestions are highly appreciated.
Best regards,
Liu
We are setting up a network locally which is protected by a firewall,
and we also have an application running on Google app engine to pull
the data out of the network remotely. The problem is how I can
whitelist the IP addresses for the traffic flow between the local
network and the application running on google app engine please? I
can't find any IP address range for the google app engine, so that I
can put them in the allowable list at the firewall.
Any helps and suggestions are highly appreciated.
Best regards,
Liu
Barry Hunter
Jun 30, 2011, 7:25:20 AM6/30/11
to google-a...@googlegroups.com
This sounds like an application for the Secure data connector
http://code.google.com/securedataconnector/
If you where to whitelist appengines many IPs - you would be opening
up your firewall to anyone with a app on appengine - or even access to
a comprismised or low security app. (think shell.appspot.com )
> --
> You received this message because you are subscribed to the Google Groups "Google App Engine" group.
> To post to this group, send email to google-a...@googlegroups.com.
> To unsubscribe from this group, send email to google-appengi...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
>
>
liu
Jul 6, 2011, 8:49:15 AM7/6/11
to Google App Engine
Hi Barry,
Thank you so much for your response. I have looked through the SDC,
and realised that it only supports linux installation, which is not
possible on our windows machine.
We are doing a big commercial project in which a large Wireless Sensor
Network is deployed at a UK based global semiconductor company site to
monitor the energy usage, but the problem is we have to give them
valid IP address for Google App Engine apps in order for them to
whitelist them at the firewall. So we can send inbound and outbound
data through firewall between WSN and GAE apps. Otherwise, the
firewall will block any traffic from the apps residing at Google App
Engine.
I was not able to find such information from GAE doc, so I would like
to have any helps from you guys. Since this is a big commercial
project using GAE service, so it is really urgent and important for us
to nail down this issue asap.
Many thanks,
Best regards,
Ruoshui
> > For more options, visit this group athttp://groups.google.com/group/google-appengine?hl=en.- Hide quoted text -
>
> - Show quoted text -
Thank you so much for your response. I have looked through the SDC,
and realised that it only supports linux installation, which is not
possible on our windows machine.
We are doing a big commercial project in which a large Wireless Sensor
Network is deployed at a UK based global semiconductor company site to
monitor the energy usage, but the problem is we have to give them
valid IP address for Google App Engine apps in order for them to
whitelist them at the firewall. So we can send inbound and outbound
data through firewall between WSN and GAE apps. Otherwise, the
firewall will block any traffic from the apps residing at Google App
Engine.
I was not able to find such information from GAE doc, so I would like
to have any helps from you guys. Since this is a big commercial
project using GAE service, so it is really urgent and important for us
to nail down this issue asap.
Many thanks,
Best regards,
Ruoshui
>
> - Show quoted text -
Robert Kluin
Jul 6, 2011, 11:41:39 AM7/6/11
to google-a...@googlegroups.com
Sounds like you'll need a proxy with a fixed ip running elsewhere if
SDC won't work.
SDC won't work.
Robert
--
------
Robert Kluin
Ezox Systems, LLC
Nick Johnson (Google)
Jul 6, 2011, 7:57:45 PM7/6/11
to google-a...@googlegroups.com
Hi Ruoshui,
App Engine will make outgoing HTTP requests from a subset of the addresses returned by the TXT record _netblocks.google.com. Note that these can change at any time, so you can't simply fetch the list as it stands now and assume that will continue to be the case.
IP-based authentication is a poor choice here, as you will open yourself up to access by any App Engine application. Instead, you should implement a proper authentication system and use that instead of relying on IP ranges for your security.
-Nick Johnson
--
Nick Johnson, Developer Programs Engineer, App Engine
Nick Johnson, Developer Programs Engineer, App Engine
Reply all
Reply to author
Forward
0 new messages