SammyRosario
asked on
Sharepoint 2010 Some Users Can Access HTTPS some can not.
I have a Sharepoint Foundation 2010 Server running. Some users remotely can access our site with no problem through HTTPS however some can only access it only through HTTP.
One way i was able to get a user to access it was getting them on our VPN which at that point it started working again however other user do not need to be on the VPN.
Not sure where to look to resolve this issue.
One way i was able to get a user to access it was getting them on our VPN which at that point it started working again however other user do not need to be on the VPN.
Not sure where to look to resolve this issue.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Also, this can involve your alternate access mappings in Central Admin. In the AAM, you need to set the local or internal mapping to either http:// machine name, or even your domain name, http://yourdomain name and external to the https address. you could add an entry to enable access via an https address when accessing locally, but why bother with that? Really, the only reason to even use ssl is because you are sending login info over the internet in plain text which can be intercepted and read, but in a LAN situation, windows auth handles all of that.
Hi Ranier, hoping you can educate me.
"I have had the same issue with my internal SharePoint team site where we could not access the secured site on SSL internally but when connected via VPN."
Why would someone want to use SSL when they are on the network already? Why would a connected VPN user want to view the site through it's https address? I must be missing something.
"I have had the same issue with my internal SharePoint team site where we could not access the secured site on SSL internally but when connected via VPN."
Why would someone want to use SSL when they are on the network already? Why would a connected VPN user want to view the site through it's https address? I must be missing something.
Also, if you are using an http and a https address, you need to reflect this properly in the AAM because it needs to manage all the links in email notifications and other things, to be based upon the url that the viewer used or uses to view the site, so that all of the links have the correct addresses that reflects how the user accesses this site. Otherwise, none of them will work.
Hi BobHavertyComh,
this issue is definitely not related to AAM - otherwise none will be able to use the other protocol.
In my company each consultant / developer has his own laptop. We work either in the company LAN, using Citrix with published IE and/or remote desktop, connecting through a VPN component or directly from the internet.
Depending on the chosen connection, HTTPS will work or not. I am no network admin nor do I have any info about the routing and firewall configuration in the company, but I can connect internally only via HTTP, externally only via HTTPS, using the VPN I can not connect at all and using Citrix I can connect to both.
So it is related to the network configuration not the setup of SharePoint.
KR
Rainer
this issue is definitely not related to AAM - otherwise none will be able to use the other protocol.
In my company each consultant / developer has his own laptop. We work either in the company LAN, using Citrix with published IE and/or remote desktop, connecting through a VPN component or directly from the internet.
Depending on the chosen connection, HTTPS will work or not. I am no network admin nor do I have any info about the routing and firewall configuration in the company, but I can connect internally only via HTTP, externally only via HTTPS, using the VPN I can not connect at all and using Citrix I can connect to both.
So it is related to the network configuration not the setup of SharePoint.
KR
Rainer
hi rainer, not to divert the conversation to me and you, as it's relevant to the general question,. Quick setup background. I have my own personal lan where I host and run my own personal SharePoint site. I'm the only one who would access this locally, but I want it accessed publicly because I want to create this as a showcase for my skills to show to the outside world. So I didn't even bother to extend the site, I made the internal one outward facing and binded it to SSL and added the https address to AAM.
After I did this, I distinctly remember being able to access the site using both the http and the https addresses locally. And I thought I remembered that I could access both when external to the network as well, which is bad because people will be sending non encrypted passwords over the net. So I had to go into the AAM and remove that http address, then disabled 80 and then it couldn't be accessed via http externally, nor internally, but I really didn't care about internally, I just use the https address.
So when you say that none could use the other protocol, I might not have understood what you meant, but it seems to contradict what I actually saw happening on my own site. Both were viewable internally and externally.
After I did this, I distinctly remember being able to access the site using both the http and the https addresses locally. And I thought I remembered that I could access both when external to the network as well, which is bad because people will be sending non encrypted passwords over the net. So I had to go into the AAM and remove that http address, then disabled 80 and then it couldn't be accessed via http externally, nor internally, but I really didn't care about internally, I just use the https address.
So when you say that none could use the other protocol, I might not have understood what you meant, but it seems to contradict what I actually saw happening on my own site. Both were viewable internally and externally.
Hi,
in your case yes if you do not have a firewall in between your SharePoint server and your external internet connection. If you had a firewall you just might have blocked port 80 for incoming connections and no one from the unternet would have been able to use http but only htttps whereas you would have been able to connect internally by bypassing the firewall ;-)
in your case yes if you do not have a firewall in between your SharePoint server and your external internet connection. If you had a firewall you just might have blocked port 80 for incoming connections and no one from the unternet would have been able to use http but only htttps whereas you would have been able to connect internally by bypassing the firewall ;-)
OK thanks Rainer.
Yes, I have no firewall between the two. Port 80 is open on the gateway router, but the http address binding to port 80 is gone. So that's why I can't see the http address internally as well whereas if I reintroduced that binding and closed port 80 on the router, then I guess I could see it internally.
There's also the issue of matching the link address in email notifications, to the address that the person will using to access the site and it uses AAM for that.
Yes, I have no firewall between the two. Port 80 is open on the gateway router, but the http address binding to port 80 is gone. So that's why I can't see the http address internally as well whereas if I reintroduced that binding and closed port 80 on the router, then I guess I could see it internally.
There's also the issue of matching the link address in email notifications, to the address that the person will using to access the site and it uses AAM for that.
ASKER
The Firewall/VPN was the issue with the routes.
Thanks Rainer!
Thanks Rainer!