Following on from this question: Static IP address in Azure API management Service
In the overview blade of the AMS there is an IP address listed. Virtual IP (VIP) addresses: public: xx.xxx.xx.xx
However,
(1) when I try to import an API definition - create from definition - OpenAPI, I get an error indicating the the API should be publicly accessible. App service has a whitelist and the IP from above has been added to it.
(2) I also get a forbidden error when trying to access an API operation, indicating an IP address is not on the whitelist.
So, If I run a trace in (2) the error displayed indicates another IP (not the one listed on the AMS overview blade) is not on the whitelist.
Adding this IP to my whitelists works. But I need to know why? Does the AMS need two static IPs? Where can I find this IP?
@IkhtesamAfrin I received the below error in the Trace, when I tried to run a test through the AMS.
ip-filter (0.021 ms) {"message": "Caller IP address was not on the allowed list. Access was denied.", "ip": "xx.xxx.xx.xxx"}
The same address (x) now appears in x-forwarded along with mine(y)
{"name": "X-Forwarded-For",
"value": "yy.yyy.yyy.yyy,xx.xxx.xx.xxx"},
<policies>
<inbound>
<ip-filter action="allow">
<address-range from="x" to="x" />
<address-range from="y" to="y" />
<address-range from="z" to="z" />
<address-range from="a" to="a" />
<address-range from="b" to="b" />
<address-range from="c" to="c" />
</ip-filter>
<set-header name="SecurityToken" exists-action="override">
<value>????</value>
</set-header>
<base />
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>
