This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Astaro user portal answers on all IP addresses

Hi group.

How can I keep my astaro user portal only answering on a single IP address?

I have noticed that if port 443 is not NAT'd to any particular IP address (but its nat'd to other services), then that IP address will answer to the Internet with the user portal on 443.

This thread was automatically locked due to age.

Parents

0 BAlfson over 13 years ago

By default, the User Portal always has listened on all interfaces. The specific address on the 'Advanced' tab only appeared when the Web Application Firewall (reverse proxy) was added. I think that field is supposed to apply only to interfaces used in Web Application Security, but I haven't yet had to use it. It appears to me that the field was thought to be necessary, but no longer is needed.

If you want to "close" port 443 for unused addresses on the External interface, the easiest thing to do is to add each "External [Additional Address] (Address)" object to a group, and DNAT traffic to them to a non-existent internal IP.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 13 years ago

By default, the User Portal always has listened on all interfaces. The specific address on the 'Advanced' tab only appeared when the Web Application Firewall (reverse proxy) was added. I think that field is supposed to apply only to interfaces used in Web Application Security, but I haven't yet had to use it. It appears to me that the field was thought to be necessary, but no longer is needed.

If you want to "close" port 443 for unused addresses on the External interface, the easiest thing to do is to add each "External [Additional Address] (Address)" object to a group, and DNAT traffic to them to a non-existent internal IP.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data