Showing results for 
Search instead for 
Did you mean: 

Web ReWriting


Web ReWriting

What's the advantage to using or perhaps the disadvantage to not using web rewriting?


Problem:  We have a web based application that just fails miserably using the rewriter.  This app is used remotely by a large portion of my clients.  So currently they all have to actually tunnel in versus just being able to use the web acl to let them access.


Would it be any better or different (without opening us up to the baddies) to create a policy to not rewrite that web URL?


Frequent Contributor

Re: Web ReWriting

If you havent already, try setting it up as a passthrough proxy. I had to do this to a couple of apps to keep them from getting mangled.

Respected Contributor

Re: Web ReWriting

Short answer: rewrite allows browser-only remote access to the web server; not rewriting requires a client to access the web server. Neither is more or less secure

Long answer: Rewriting, standard/traditional or pass-through proxy, acts as a proxy for the user: the end user browser only sees the IVE & the internal server only sees the IVE.
Disabling rewriting means there is a form of direct access: in the form of a SAM or VPN connection. The former is L7 connection in which you define applications/servers that are allowed to be accessed and is client-initiated only; the latter is a traditional L3 connection in which the remote user is a node on the network.
Tags (1)