Using AAR/ Rewrite for connection from vendor to usRSS

1 reply

Last post Jun 28, 2019 08:18 AM by Able

  • Using AAR/ Rewrite for connection from vendor to us

    Jun 27, 2019 09:04 PM|Huy.Le|LINK

    We are hosting an environment comprised of a medical software that needs to connect to another 3rd party add-on's server that they are hosting. 

    It would communicate in this order: 

    1. 1. Vendor IP  ----( Request: for authentication token) ---- > Our authentication server (server 1)
    2. 2. Vendor IP  <----(Response: Authentication token sent) ---- Our authentication server (server 1)
    3. 3. Vendor IP  ----(Response: Authentication token sent) ----> Our WEB Server (server 2)
    4. 4. Vendor IP  <----(Response: Authentication token sent) ---- Our WEB Server (server 2)

    After much consulting for best security practices, the vendor suggested configuring a reverse proxy server in our DMZ.

    I've gone through much documentation for this, most of the documentation appears to suggest the reverse proxy talking from one server to another one server or using actual sites as opposed to IP addresses. My question is, can this be configured through reverse proxy IIS? 

    There seems be many different guides for this, and for now, I've followed the Skype for Business protocol for reverse proxy and awaiting to test it, I'm just not sure if AAR/Rewrite will route the traffic correctly.

    Currently in the DMZ server IIS, i have this configured: 

    Server Farms (configured with server IP addresses, not URLs)

         - Server Farm 1: Authentication Server 

         - Server Farm 2: Web Server 

    DMZ Server level ARR: 

          - Proxy not enabled

    DMZ Server level URL Rewrite: 

          - Auth Server_loadbalance_SSL

                    - Conditions: matches the pattern for the IP of Vendor

                    - Action Type: Route to Server Farm

          - Web Server_loadbalance_SSL

                    - Conditions: matches the pattern for the IP of Vendor

                    - Action Type: Route to Server Farm

          

    Any suggestions (or just knowing if this is going to work at all) would be greatly appreciated. 

    Thank you. 

  • Re: Using AAR/ Rewrite for connection from vendor to us

    Jun 28, 2019 08:18 AM|Able|LINK

    Hi Huy.Le,

    According to your description,you could use ip address for  reverse proxy. It's both ok if you use target server ip address or use server name. 

    You could add urlrewrite module and set as the link as below:

    https://weblogs.asp.net/owscott/creating-a-reverse-proxy-with-url-rewrite-for-iis

    Best Regards

    Able

    Please remember to click "Mark as Answer" the responses that resolved your issue.
    If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.