Need suggestions on the below.
I have configured Juniper SA 6000 6.0R4 and enabled some web profiles.
Whenever i access an application, the URL is something like this - https://abc.xyz.com/rtrack/Ticket/,DanaInfo=10.2.3.4+requestno=1234
As this is a request tracker application, there are some automated mails which go to customers stating an update in request status.
But if i access the URL https://abc.xyz.com/rtrack then this does not work and i get a message "Not Found"
Can i eliminate danainfo part from the URL so that the customers can access direct URLs ?
Any help would be greatly appreciated.
Have you tried turning off re-writing for this URL?
If you want to access the internal server 10.2.3.4 using a URL with no danainfo in it, you must use something other than the standard web rewriting function of the SA. For the sake of the example, I'm going to assume you can give 10.2.3.4 a DNS name of appl.xyz.com in your internal DNS. In this case, the original (internal) URL would look like -
and the rewritten URL would then be
If you want the user to be able to use the original URL from the outside, you have two options -
(1) Use SAM (either JSAM or WSAM will work) to modify the user's HOSTS file and forward packets to the internal server.
(2) Use passthrough proxy and define "appl.xyz.com" as the alias. In this case, you would have to define "appl.xyz.com" in your external DNS with the address of the SA.
The "Danainfo" construct is central to the Juniper web rewriting function. Unless you use something other than standard rewriting, you will not be able to eliminate it.
Thanks for the replies.
Just to correct the above, i don't want users to access the original URL, instead i want the URL to be accessed via the external one.
For ex. suppose the internal URL is something like http://appl.xyz.com/rtrack/Ticket?requestno=1234
Then my external URL should be https://abc.xyz.com/rtrack/Ticket?requestno=1234
Where abc.xyz.com maps to address of SA in external DNS.
This external URL is actually sent in the reminder mails to request assignees so that they can directly open the request (post SA authentication)
Let me know your thoughts on the above.