Community

PROXY SETTINGS IN DMZ

2168
12
02-27-2018 09:19 PM
cadgism
by
Occasional Contributor
‎02-27-2018 09:19 PM

I am using a proxy to consume some secured layers in ArcGIS Javascript API. Everything is working fine locally, meaning when the machine is inside LAN

 When accessing it through DMZ the application produce a pop-up from the Arcgis Server for Authentication (username, password). It works fine when supplied the credentials. But not going through proxy. producing the following error:-

How can I solve this pplease ???

[SocketException (0x274c): A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 00.00.00.00:6080]
   System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) +185
   System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception) +496

[WebException: Unable to connect to the remote server]
   System.Net.HttpWebRequest.GetResponse() +1399
   proxy.doHTTPRequest(String uri, String method, NetworkCredential credentials) +243
   proxy.getNewTokenIfCredentialsAreSpecified(ServerUrl su, String reqUrl) +947
   proxy.ProcessRequest(HttpContext context) +3086
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +188
   System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step) +48
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +71
0 Kudos
12 Replies
RobertScheitlin__GISP
by MVP Emeritus
MVP Emeritus
‎02-28-2018 05:51 AM

cadgis,

  Are you using urls that are for the LAN or urls that are allowed to pass through the DMZ? I always use my public urls in my app and my proxy.config.

0 Kudos
cadgism
by
Occasional Contributor
‎02-28-2018 10:10 AM

Robert Scheitlin, GISP, Thanks for replying.

yes I am using all public urls in proxy.config

Even apart from the application when i try to generate token manuallay the status is as follow :-

http://LAN:6080/arcgis/tokens - works
http://DMZ:6080/arcgis/tokens - works
http://lanproxy/dotnet/proxy.ashx?http://LAN:6080/arcgis/tokens - Error (Permisiion Denied)
http://lanproxy/dotnet/proxy.ashx?http://DMZ:6080/arcgis/tokens - Error
http://DMZproxy/dotnet/proxy.ashx?http://DMZ:6080/arcgis/tokens - Error‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍
0 Kudos
RobertScheitlin__GISP
by MVP Emeritus
MVP Emeritus
‎02-28-2018 10:14 AM

You really need to use WebAdaptor and the WebApadator urls that do not contain the :6080 port number.

0 Kudos
cadgism
by
Occasional Contributor
‎02-28-2018 10:21 AM

It is the port problem that creates the error ?

Though i am going to read about it, just curiosity please , Can I install WebApadator  online without affecting any services.??

0 Kudos
RobertScheitlin__GISP
by MVP Emeritus
MVP Emeritus
‎02-28-2018 10:25 AM

No the port number is not the man issue but could contribute to it. Do you have the urls in your proxy.config with the port number as well? Adding the Web Adaptor will not affect your services. It just allows you t use a url that does not contain the port number.

0 Kudos
cadgism
by
Occasional Contributor
‎02-28-2018 10:36 AM

This is how my proxy.config looks like..

<ProxyConfig allowedReferers="*"             
          mustMatch="false">    

<serverUrls>        

<serverUrl url="http://DMZ:6080/arcgis/rest/services/myQuery"
     matchAll="false"                                    
     username="user"                                     
     password="123">     
</serverUrl>     

</serverUrls>

</ProxyConfig>



<!-- See https://github.com/Esri/resource-proxy for more information -->
0 Kudos
RobertScheitlin__GISP
by MVP Emeritus
MVP Emeritus
‎02-28-2018 11:02 AM

Cadgis,

   Well my working proxy.config looks like this:

<?xml version="1.0" encoding="utf-8" ?>
<ProxyConfig allowedReferers="*" mustMatch="true" logFile="proxylog.txt" logLevel="Info">
    <serverUrls>
      <serverUrl url="http://gis.calhouncounty.org" matchAll="true"/>
....

Notice my much less specific url and the matchAll="true"

0 Kudos
cadgism
by
Occasional Contributor
‎02-28-2018 10:00 PM

Robert Scheitlin, GISP, Thanks for replying.

Not working still, though i did not make the web-adopter thing. It's working perfect in intranet when all the urls are changed to intranet.

0 Kudos
RobertScheitlin__GISP
by MVP Emeritus
MVP Emeritus
‎03-01-2018 05:47 AM

cadgis,

   Do you have access to your REST service directory using the external url from outside your intranet? This is sounding more and more like an IT dept firewall issue.

0 Kudos