This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Accessing Internal Intranet From External Location

Hi all,

We are running two Sophos SG450 UTM Hardware Appliances 9.505-4) running in active-passive configuration.

I have been tasked with permitting access to our internal Intranet from locations external to our organisation. I have mostly got it working, but I've hit a hurdle that I'm hoping someone will give me a hand to get over.

The Intranet site, let's call it assist.domain.com can be accessed fine, as long as the URL begins with assit.domain.com. However, there are other resources, let's call them cdn.domain.com and profiles.domain.com which are referenced from the Intranet site. These are also on our internal network but I cannot access these links. These resources are located on separate servers from the one hosting our Intranet site.

Could someone please point me in the right direction as to how I may resolve this issue? Is it a case creating separate Real Webservers (and corresponding Virtual Webservers) for each of these resources or can Request Redirection aid in this.

I have Reverse Authentication working on the primary Intranet site but do not want to keep inputting usernames and passwords when accessing the additional resources.

Any help/suggestions would be much appreciated.

Best regards,

John P



This thread was automatically locked due to age.
Parents
  • John, what does Support say about this?  I suspect that it's not possible though, as Doug says.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • John, what does Support say about this?  I suspect that it's not possible though, as Doug says.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • Hi Bob,

    Thank you for your post.

    Support basically re-iterated what Doug said, the Sophos UTM Appliance couldn't handle these types of redirection requests. They told me to configure HTTP Redirect within IIS on the server hosting our main Intranet site.

    However, I have been assured by our Developer Team (who look after our internal web servers) that this would not work as the desired redirected destinations have completely different FQDNs from the main Intranet site and are hosted on completely separate servers.

    I have to admit that I'm a bit disappointed that Sophos UTM lacks this functionality. Looks like we will have to keep sweating our MS UAG Appliances (having said that, they've run for years without any major mishaps) until a solution is forthcoming from Sophos. Otherwise we may start looking at alternatives to the Sophos UTMs.

    Best regards,

    John P

    2 x SG450 (Version 9.714-4)

    HA = Active-Passive