Hi Everybody,

I got an issue on my PCS. I want to set my PSA3000 as a reverse proxy using the sign in policy "Authentification Only Access". I explain my case :

I got three applications with webserver in my DMZ, all have their own certificate :

www.mydomain.fr (used by internal port)

myapp1.mydomain.fr (used by virtual port 1)

myapp2.mydomain.fr (used by virtual port 2)

Thoses three DNS name are redirected toward a unique external public IP Adress.

My firewall in front of the PCS redirected all traffic "https://*.mydomain.fr" to my external public IP adress toward the internal port of my PCS. In this case, my setting of sign in policy( Auhtorization only access) works because I 'm redirected to my app1 BUT I got an certificate warning. I understand that is because the internal port use the certificate of "www.mydomain.fr" and not the app1 one.

So, I set the virtual port with their certificate on the PCS. On my firewall, I redirect a port I choose like 4445 for example and then, the user try to connect to "https://myapp1.mydomain.fr:4446", my firewall do the NAT job and redirect this to the virtual port 1 so with his certificate I got no warning this time but the PCS doesn't do the job and don't redirect to my app1. Do you know why ? Or having some solutions ?

Thank's in advance.