AnsweredAssumed Answered

Make Portal for ArcGIS public accessible using IIS reverse proxy server in DMZ

Question asked by jyi67 on Mar 12, 2018
Latest reply on Mar 14, 2018 by jyi67

We are having issues when trying to configure IIS reverse proxy server in DMZ to make Portal for ArcGIS 10.5.1 public. Portal for ArcGIS has been added to Web Adapter and both Portal and Web Adapter are located on the save server. 

Everything works fine except the following two issues so far:

1. The change password function does not work. After user signs in, click My Profile, EDIT MY PROFILE button -> CHANGE PASSWORD button, the intranet server name is displayed in the url address bar, instead of the public domain name. 

I.e., the address bar shows https://aaawebapp01/arcgis/sharing/oauth2/resetPassword?oauth_state=qYQc9.....,

instead of https://public-url/arcgis/sharing/oauth2/resetPassword?oauth_state=qYQc9......

Of course, with this intranet host name shown, user cannot go on making change to their passwords.

2. After user signs in, if user reloads the signin link: https://public-url/arcgis/home/signin.html,   the following page is shown, where, in the middle of the page, the intranet server name is displayed again:

 

Could somebody shed lights on the above two issues: how to change IIS rewrite rules to hide the intranet server name in the above two cases and display the public domain name correctly? I notice that one of issues is related to form, and the other one is related to IFrame. The strange thing is that the public domain name is loaded correctly in other parts of the public Portal for ArcGIS. 

There is no reference from ESRI for using IIS reverse proxy server with Portal for ArcGIS. 

 

Thanks

JYI

Outcomes