IIS 7 and Above
Application Request Routing (ARR)
Would ARR help solve my problem?
Last post Mar 09, 2009 03:40 PM by Nael Safadi
Feb 22, 2009 08:49 AM|yousef.omar|LINK
I have the following scenario:
I have 3 VLANs, or say 3 network segments. VLAN1 is the clients segment; VLAN2 has SharePoint Server, with a website that utilizes the PageViewer web part. This PageViewer is used to display websites hosted on Servers at VLAN3 (applications segment). Users
from VLAN1 are prohibited to access the applications at VLAN3 directly; they have to do it via SharePoint's PageViewer); so when a users browses an application from the pageViewer at SharePoint he gets an access denied message for the contents in the viewer
(since the PageViewer is merely an iFrame control -- URL holder). I am wondering if I can user the ARR module from IIS 7.0 to route the requests from VLAN1 to VLAN3 as if they were initiated from VLAN2 (SharePoint)..
Appreciating your help,
ARR SharePoint LAN VLAN
Feb 24, 2009 01:00 PM|anilr|LINK
Sure, if you install ARR on machine which has 2 nics, one on vlan1 and the other on vlan3, it could accept requests for pages you want to allow from vlan1 and forward them to vlan3 - you would also need to update the links on your sharepoint pageviewer (or
your dns entries in vlan1) to point to the ARR server. Note that while you can configure ARR to be an http forward proxy, you cannot use it as an https forward proxy.
Mar 09, 2009 10:56 AM|Nael Safadi|LINK
We are wondering if ARR can help us resolve the business challenge that we are facing.
We are looking into ways to distribute content through a SharePoint Portal (with iFrames linking to Back-end Applications). Our problem lies in the network topology employed at our
Looking at several methods to resolve this problem, we have identified ARR as one possible solution, but we are yet unsure if this is possible or how to implement it.
The network is made of 4 different subnets, with different packet filters that control the traffic between these 4 subnets:
Sub1: A subnet for client computers
Sub2: A subnet containing only the SharePoint server
Sub3: A subnet containing all the (web) applications that our client use
Sub4: A subnet containing the database servers that contain the data of the application servers.
We are attaching a diagram (physical) that showcases the distribution of servers and the network topology in place.
The main network policies that are in-place on the centralized firewall pose our challenge in implementing SharePoint as a portal solution. Traffic is only allowed from the client’s
subnet to the SharePoint’s subnet. Client’s cannot access the application’s subnet.
What we would like to do is have the client access SharePoint (which has iFrames for the back-end applications), and have SharePoint act as a “proxy” to our requests for client calls
(as per the diagram “logical”).
Can ARR do that?
Do we need to deploy ARR on the SharePoint server, or on another server in the front?
How can this configuration be achieved? The back-end applications represent several applications each hosted on its individual server (There are no needs for load balancing of any
Mar 09, 2009 03:40 PM|Nael Safadi|LINK
how it's done ???