[Freeipa-users] A question related to ipa webui
bahan w
bahanw042014 at gmail.com
Thu Aug 11 09:10:21 UTC 2016
Hello !
I'm using ipa 3.0.0.47.
I have an architecture where the IPA server is located on a secure zone,
not accessible from anyone.
The IPA server has 2 network interfaces :
- IP1
- IP2
In the secure zone, the IP1 network is used for the communication between
the servers.
The IP2 is used for administrators to connect to the servers inside the
secure zone.
The only way to connect to the IPA server for external users is a proxy
which allows us to connect to the IP2.
I installed the ipa-server using the IP1 network interface.
When I try to connect through proxy to the IPA webui, I use the IP2 network
interface.
My problem is the following :
I type the following URL :
https://<IP2>
It redirects me to the following URL :
https://<IP1>/ipa/ui
When I try https://<IP2>/ipa/ui, it redirects me to https://<IP1>/ipa/ui.
And unfortunately, this IP1 is not reachable from outside of the secure
zone.
When I check from the server, I can see the service is listening on all
network interfaces.
###
# lsof -i :443
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
httpd 2427 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN)
httpd 2428 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN)
httpd 2429 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN)
httpd 2430 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN)
httpd 2431 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN)
httpd 2432 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN)
httpd 2433 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN)
httpd 2434 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN)
httpd 30861 root 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN)
###
Is there something I am missing in the IPA configuration for the WebUI
please ?
Best regards.
Bahan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160811/73eebfb4/attachment.htm>
More information about the Freeipa-users
mailing list