
kneebolt_142346
Feb 10, 2014

Redirect external traffic to internal sharepoint page

So the idea is to have an external url, ex. http://donor.domain.com hit the F5 and then redirect to an internal sharepoint site, say http://sharepoint/donor.aspx. It seemed simple in my head, just do a redirect with an iRule, but it doesn't work. I can get to the sharepoint front end server, but it doesn't appear to be able to handle the redirect, specifically I don't think it knows what http://sharepoint is - perhaps a DNS issue? The virtual server lives in our DMZ and passes to a sharepoint web front end server. Traffic flow is a little odd to me, but the f5 is basically forwarding traffic layer 2 to a Juniper firewall, then the firewall is handing it back to the f5. I've looked at the iApp template for sharepoint briefly but it's over my head, and tried different rules I've found, none of which work. I've been looking at the rewrite profiles as well, but what I tried didn't work and not sure that's what I want anyway. Advice?

 

6 Replies

  • SharePoint has this thing called "Alternate Access Mappings" (AAM) that is basically SP's way of mapping different applications to different URLs. The most frustrating thing about it is a requirement to exactly match the host name(s) specified in AAM, even if you only have ONE application. So if you have "http://sharepoint" defined in AAM, and you don't access it with this URL, then it'll just redirect you to it. This of course presents a problem if http://sharepoint doesn't resolve to any real IP address outside of your local environment. So there are generally two ways to address this behavior:

    1. Configure AAM with the external URL names that users will type in the browser, and that are DNS resolvable, or

    2. Configure an iRule to inject an HTTP Host header that makes SharePoint think you're asking for it by a specific name (what you have configured in AAM). That might look something like this:

      when HTTP_REQUEST {
          HTTP::header replace Host "sharepoint"
      }  
      
  • Thanks for the quick response! So I tried that and just get a Bad Request - Invalid hostname. To be more specific, the internal sharepoint address is more like http://sharepoint/sites/dm/default.aspx - so given the above I just used

     

    when HTTP_REQUEST { HTTP::header replace Host "sharepoint/sites/dm/default.aspx" }

     

    is that still valid?

     

    Our sharepoint guy isn't here to try number 1.

     

  • Do you really access it locally with "http://sharepoint"? The error would suggest that it isn't what's specified in AAM. The Host header should only contain the host name. If you wanted to alter the URI, you'd use the HTTP::uri command.

     

  • Yes, well, if I try to go just to http://sharepoint I don't get anything, I have to go to http://sharepoint/sites/dm/default.aspx. Internally we have a DNS record that points 'sharepoint' to the load balanced front end IP (using Windows NLB, which the F5 will replace sometime in the near future). Given that I am changing it from http://donor.company.com on the outside to http://sharepoint/sites/dm/default.aspx on the inside, do I need to change the host name AND the URI in two different steps? Not sure how to combine those in an iRule yet. Excuse my ignorance, the F5 is brand new to me.

     

  • I'd try something like this:

    when HTTP_REQUEST {
        if { [HTTP::uri] equals "/" } {
            HTTP::redirect "http://donor.company.com/sites/dm/default.aspx"
        }
    
        HTTP::header replace Host "sharepoint"
    }  
    
  • That does work! At least for most links on that page, some don't work for some reason. I'm wondering though if your solution 1 is the better way to go - I presume if I could get our sharepoint admin to create a donor.company.org AAM internally, then there would be no need to redirect with an iRule? Thanks again for the help!
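
The iRule from the thread, extended as an added example (not code posted by any participant): it forwards only requests for the published external name, and rewrites redirects that carry the internal name so clients are never sent to a host they cannot resolve. The host names are the thread's own examples; that SharePoint issues `Location` headers with the internal AAM name is an assumption based on the redirect behaviour described in the first reply.

```tcl
# Added example, not from the thread. Host names are the thread's examples.
when HTTP_REQUEST {
    # Only the published external name is forwarded to SharePoint;
    # any other Host value is refused at the BIG-IP.
    if { [string tolower [getfield [HTTP::host] ":" 1]] ne "donor.company.com" } {
        HTTP::respond 403 content "Forbidden"
        return
    }

    # Send the bare root to the site's landing page, keeping the external name.
    if { [HTTP::uri] equals "/" } {
        HTTP::redirect "http://donor.company.com/sites/dm/default.aspx"
        return
    }

    # Present the host name that SharePoint's AAM expects.
    HTTP::header replace Host "sharepoint"
}

when HTTP_RESPONSE {
    # Assumption: SharePoint may redirect using the internal AAM name.
    # Swap it for the external name before the response leaves the DMZ.
    if { [HTTP::header exists Location] } {
        set loc [HTTP::header value Location]
        if { [string match -nocase "http://sharepoint/*" $loc] } {
            # "http://sharepoint" is 17 characters; keep everything after it.
            HTTP::header replace Location "http://donor.company.com[string range $loc 17 end]"
        }
    }
}
```

Absolute links embedded in page bodies are not touched by this rule; configuring AAM with the external URL (option 1 in the first reply) removes the need for any of these rewrites.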