Aliased Second Static IP not accessible from Green

I am a newbie and this is my first post. My knowledge in this area is shallow at best.

We have recently added a second static IP (arcgis.example.com) from the internet service provider to our network for a new application. We put the new IP address as an “alias” and then configured the firewall rules to redirect any TCP traffic on ports 80 and 443 to the internal server (192.168.0.21) that services the application.

This is working fine when the service requests are coming from the RED zone (VPN tunneled or not) in the form of: https://arcgis.example.com/arcgis/...

The problem is when the same requests are coming from inside the firewall. The requests are immediately directed to the internal server (192.168.0.21). Because of the app’s security (certificate specific?) requirements, translation of https://arcgis.example.com/arcgis/... to https://192.168.0.21/arcgis/... gives error 400.

Is there a way to route the service calls on https://arcgis.example.com/arcgis/... from GREEN to RED, bypassing the internal redirection to 192.168.0.21?

Cheers!

Hey,

The firewall won’t redirect anything here. The browser address line should still show the domain name.

If not, maybe it has cached a previous response from the web browser or the web server behaves differently when the source IP address is from the local subnet?

It sounds like you have the firewall configured correctly.

Michael,

My original post was a bit misleading… The URL in the browser address bar did NOT change to local server address. But I was assuming internally the request had been routed to the local server.

But anyway, from the Green Zone, accessing https://arcgis.example.com/arcgis/... led to
[screenshot: Selection_999(041)]

Thinking like a newbie, I was wondering if there was a way that the Green Traffic to that specific domain arcgis.example.com could be routed to RED zone before it comes back inside Green zone?

Or there must be some more appropriate solutions?

Bo

What did you select for the source of the firewall rule? It should be any and not only RED.

Ah, that is the ticket! I knew it had to be a newbie mistake :wink:

Thank you so much, Michael!
