This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Custom HTTPS port not showing up in URL

I am trying to publish an internal web server over the WAF. The setup is as follows:

  • Internal name: server.company.local , reachable via Port 8089.
  • External name: server.company.com (I have a public DNS record pointing to my static public ip).
  • I've created a real webserver with the internal hostname / IP as the host, Type: HTTP and port 8089.
  • I've created a virtual webserver with type: 'HTTPS & Redirect', port 8089 and a valid letsencrypt certificate for the public name.

I can access the website and login, so that worked. The first problem was that any link on the website pointed to the internal hostname. I resolved this by activating "Pass host header" in the virtual webserver. Now the links point to the correct hostname but the custom port (8089) is missing so when I click on a link it tries to establish the connection via port 443. What am I missing?



This thread was automatically locked due to age.
Parents
  • Not exactly sure why you have this problem, but here are two things to try:

    Option 1

    I am pretty sure that "HTTPS and Redirect" means that it accepts HTTP connections on port 80 but redirect to HTTPS on whatever port.   This might be creating confusion.  Try changing to HTTPS (without redirect) and see if the problem goes away.

    Option 2

    If you have WAF in front of your Exchange server, you can get rid of the custom port on the public IP using Server Name Indication (SNI)

    1) WAF on exchange.example.com:443 (public a.b.c.d) redirects to internal Exchange:443 (10.10.10.10)

    2) WAF on  otherapp.example.com:443 (public a.b.c.d) redirects to internal Otherstuff:8089 (10.10.10.11). 

    I perceive the second approach as preferable because the users are more likely to enter the URL correctly in the address bar or Favorites entry.

    Curious to hear your results.

  • Well that was easy. Your option 2 worked out perfectly, and the site is displaying properly too now. Thank you.

Reply Children
No Data