I got an issue on my PCS. I want to set my PSA3000 as a reverse proxy using the sign in policy "Authentification Only Access". I explain my case :
I got three applications with webserver in my DMZ, all have their own certificate :
www.mydomain.fr (used by internal port)
myapp1.mydomain.fr (used by virtual port 1)
myapp2.mydomain.fr (used by virtual port 2)
Thoses three DNS name are redirected toward a unique external public IP Adress.
My firewall in front of the PCS redirected all traffic "https://*.mydomain.fr" to my external public IP adress toward the internal port of my PCS. In this case, my setting of sign in policy( Auhtorization only access) works because I 'm redirected to my app1 BUT I got an certificate warning. I understand that is because the internal port use the certificate of "www.mydomain.fr" and not the app1 one.
So, I set the virtual port with their certificate on the PCS. On my firewall, I redirect a port I choose like 4445 for example and then, the user try to connect to "https://myapp1.mydomain.fr:4446", my firewall do the NAT job and redirect this to the virtual port 1 so with his certificate I got no warning this time but the PCS doesn't do the job and don't redirect to my app1. Do you know why ? Or having some solutions ?
Thank's in advance.
Solved! Go to Solution.