Forum Discussion
SoLucky
Nimbostratus
NimbostratusHow to keep the internal URL in browser address bar and point to external website
Is there a way to keep internal web address all the time and point it to public URL?
Let's say I have internal web address called honest2.company.com which has 10.10.2.35 and have public website...
Hannes_RappNimbostratus
NimbostratusThat's a fairly basic problem and I recommend you look into LTM Local Traffic policy feature for the most performance-efficient solution. However, you can also use an iRule provided below. Of course, you will also need two DNS entries - one of which is used by the general public, the other for your private LAN users/employees.
when HTTP_REQUEST {
if { ([HTTP::host] eq "abc123pqr456xyz789.azurewebsites.net") && (not ([class match [IP::client_addr] eq "private_net" ])) }{
HTTP::header replace Host "honest2.company.com"
}
}
- Hannes_Rapp
Another important note, all HTML hyper-links and directory listings in your web-page should be RELATIVE. Otherwise, the response payload may reveal your internal HTTP host and some elements in your web-site will not load at all. External users won't be able to resolve your internal DNS name to any public IP address. Therefore, it's important the web-page has no hard-coded parts that refer to your private/internal Host name. If this criteria is not met, you will additionally need to look into using stream profiles that do similar replacements in the response payload.
SoLuckyThanks Hannes for your quick reply but it gives "This page can't be displayed."
when HTTP_REQUEST { if { ([HTTP::host] eq "abc123pqr456xyz789.azurewebsites.net") && (not ([class match [IP::client_addr] eq "private_net" ])) }{ HTTP::header replace Host "honest2.company.com" } }
Do you see anything wrong? From my laptop I am able to hit honest2.company.com (10.10.2.35) but looks like the iRule is not able to do the magic. I am able to successfully do nslookup and get correct IPs. Any clue/help?
- Hannes_Rapp
This iRule is correct, all it does is it takes the original HTTP Host value and replaces it with your internal HTTP host. Probably an asymmetric routing issue as you try to hit the external DNS from your internal LAN. Responses might not return via the correct path. For testing purpose, temporarily enable SNAT Automap setting in Virtual Server settings and try again. You can revert it back afterwards.
- SoLucky
Source Address Translation option was at "Auto Map", I tried with "None" but still getting "This page can’t be displayed". I also tried replacing abc123pqr456xyz789.azurewebsites.net with www.google.com but no luck.
- Hannes_Rapp
Possibly not NATed to external IP, or in general, something is not properly routed. Check with tcpdump to see what's going on. This is generally something the forum cannot assist you with as we don't have the overview of your network. Another idea to further isolate the troubleshooting scope is to try connecting from the outside internet.
- SoLucky
Not sure about that, though your iRule looks good and somehow I was hoping to work as it is. I will keep digging and see if I can get any success, thanks for your help.