You are viewing limited content. For full access, please sign in.

Question

Question

Limit Web Access external usage

Web Client Web Customizations How To
Updated July 24, 2017
asked on July 6, 2017

We have a client who has a LF 10 installation.  Their IIS server has a site that holds the WebAccess, Forms and Mobile sites.  They would like to limit WebAccess externally to certain users.  Some users would be able to use WebAccess internally and externally and others would be limited to internal only.  We thought of just removing the NAT rule, however that would break external access to Mobile, so that is out.

The current thought was to move WebAccess to its own IIS site on the same IIS Server.  This way we could bind a separate IP to it.  

For example:

            Mobile.acmecorp.com would hit IIS internally on 192.168.200.10 and resolve the IIS /mobile virtual directory

 WebAccess.acmecorp.com would hit IIS internally on 192.168.200.20 and resolve the IIS /Laserfiche virtual directory

We could then could NAT only Mobile.acmecorp.com through the firewall and prevent external WebAccess functionality.  For those users who need it, they have an existing Microsoft RDS WebApp environment where we could publish WebAccess to those users who should have external access to it.

We tried to implement the above, but wound up with some strange IIS issues and some errors regarding the virtual directories in IIS.

Has anyone implemented such a solution or had to limit access in the manner?

0 0

Replies

replied on July 11, 2017

Has anyone run into this before?

0 0
replied on July 24, 2017

A reverse proxy should allow you to do smarter url-based filtering than a firewall, so you could have it return 404's for everything under /laserfiche.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...