Configuration with Reverse Proxy - ArcGIS Enterprise

435
9
01-08-2020 08:21 AM
ALICIA_EDWARDS
New Contributor II

We recently installed and configured ArcGIS enterprise 10.6.1. It has been configured properly and several feature services have been published and edited on our internal network. However, the issue stems from allowing traffic external to the organization. A preamble is that an instance on the firewall ( Reverse Proxy) with the 443 protocol which is assigned to the mail server already exists. Therefore to configure the reverse proxy to utilize portal configuration, protocol 443 with assignment to a port (port 7443) was made instead. However upon assessing the portal using 443 with the port 7443, it reverts to the mail server due through existing https (443). What other possible configurations are there to be utilized in allowing traffic other than 443 to portal?

NB: Https://portal_url:7443 works internally. Is accessing the same url from outside the organization through the firewall is where the problem lies.

0 Kudos
9 Replies
ALICIA_EDWARDS
New Contributor II

Yes, we've tried the suggestions in these documents but unfortunately the problem still exists

0 Kudos
JoshuaBixby
MVP Esteemed Contributor

If you have followed Esri's instructions/documentation and are still having the issue, then there is a good chance it could be an issue on your reverse proxy.  You could just stand up a basic web server using an alternate port and test it using your reverse proxy from outside.  That would tell you whether part of the issue is with Esri or purely a network configuration issue.

JohnBrockwell
Occasional Contributor II

We have all our applications using port 443 (https). The proxy should know where to redirect your traffic to:

https://email.gov goes to the email server. https://arcgis.maps.gov redirects to your web adaptor then your web adaptor redirects on 7443 to your Portal for ArcGIS.

really basic network configuration. Are you using Load Balancing, I.e. F5?

0 Kudos
ALICIA_EDWARDS
New Contributor II

Does it matter if the machine running the enterprise is a virtual server (no physical hardware) accessible only through a remote connection

JoshuaBixby
MVP Esteemed Contributor

I doubt it.  My organization runs all ArcGIS Enterprise machines on VMs with reverse proxies and don't have any issues like this.  Granted, we are using an F5 that routes different URLs on the standard 443 port, so it isn't the exact same situation as you.

JohnBrockwell
Occasional Contributor II

Are you using ArcGIS Web Adaptor? What is the reverse proxy product you are utilizing?

0 Kudos
ALICIA_EDWARDS
New Contributor II

We had to open a new port under IIS (port 6193) and then set that as a default; uninstall web adaptor for portal (which was on port 443) and then we reinstalled web adaptor on the newly default port 6193 and it worked.

JohnBrockwell
Occasional Contributor II

Alicia,

I feel that you organization (Networks) made this process harder than it needed to be. 443 is a standard port and should've been capable of running multiple applications through it. IMHO.

Take Care,

JB

0 Kudos