Publish Intranet website using SA4500

bickyz_ · ‎06-15-2012

Hi we have Juniper SA4500.

When users from home/internet goes to https://remote.mycompany.com they are prompted to enter the Active Directory credentials. Upon login they are presented with few bookmarks to Intranet pages and link to Terminal Server.

Is there anyway to publish the Intranet page without needing to go through login process; may be with a different domain like https://intranet1.mycompany.com

I can simply publish websever using our firewall but accessing through the SA is more secure; am I right?

Any help would be much appreciated, Thank you.

SonicBoom_ · ‎06-15-2012

Hi Bickys, you can set the users start page to https://intranet1.mycompany.com by going to either a particular roles UI options or under the default options for all the roles, then, once they login they are sent straight to your internal portal. However, users will still need to login to the SA, just make sure you enable SSO in order for the credentials to be sent to the intranet page.

zanyterp_ · ‎06-15-2012

As long as you have the ACL set, yes, you can start at your internal company start page.

Please note that if you do this, users will need to click on the toolbar logo to get to the bookmark page to use any other functions (or you can create links to them using the descriptions outlined in the admin guide).

bickyz_ · ‎06-15-2012

I have a simple website hosted internally that provides some info about the organisation; this website doesn't require one to logon. Can this website be published via SA so that anyone can access it without having to login.

The idea behind is to let public access the site without need to login but same time it comes through the SA so that it uses SSL certicate on the SA and traffic gets encrypted.

Please correct me If I have misunderstood something.

jayLaiz_ · ‎06-18-2012

Hi,

You can configure an anonymous auth server and use that as an authentication server on the SA and set the application URL as a start page URL under the User role

or you can use the reverse proxy feature where under sign in policies, when you configure a new sign in policy, you can select authorization only access, enter a Virtual hostname that through DNS resolves to the externaL IP or an external Virtual IP on the external port and the backend url as the application URL.Authorization server will be no authorization,select the role and save changes.

Regards,

Jay

zanyterp_ · ‎06-18-2012

yes, it can be done without issues using what jay said.

with either option, you will need to make sure the role has a web acl configured for access and rewriting configured

ruc_ · ‎06-18-2012

@bickyz wrote:

I have a simple website hosted internally that provides some info about the organisation; this website doesn't require one to logon. Can this website be published via SA so that anyone can access it without having to login.

The idea behind is to let public access the site without need to login but same time it comes through the SA so that it uses SSL certicate on the SA and traffic gets encrypted.

Please correct me If I have misunderstood something.

Based on you requirements above (i.e. no authentication, no access control and only needing a https connection) I would say accessing via SA is an overkill (technically it is possible). If you can install a SSL certificate on your webserver and directly publish it via the firewall then I would recommend that route.

Publish Intranet website using SA4500

Publish Intranet website using SA4500

Re: Publish Intranet website using SA4500

Re: Publish Intranet website using SA4500

Re: Publish Intranet website using SA4500

Re: Publish Intranet website using SA4500

Re: Publish Intranet website using SA4500

Re: Publish Intranet website using SA4500