My organization has a firewall policy straight outta the 90s. They'll only allow for for static IP to static IP traffic rules over single ports. This is in conflict with modern cloud CICD where you don't know ahead of time what IP you're gonna get in a private subnet when doing a new build.
Our work around was to configure HA proxy to be a reverse load balancer and do creative packet forwarding. Need to access an Oracle database on prem? Bind port 8877 to point that that databases IP on port 1521 and submit a firewall rule request.
Our work around was to configure HA proxy to be a reverse load balancer and do creative packet forwarding. Need to access an Oracle database on prem? Bind port 8877 to point that that databases IP on port 1521 and submit a firewall rule request.