Avatar of PurpleSlade
PurpleSlade asked on

Sharepoint Site - external https access - internal http access

We have an intranet site "Sharepoint - Intranet" - bound to ports 80 and 443.  People can use http or https to access it currently.  I have been asked to remove http access for external users.  The requirement currently is to have the same DNS entry for both sites - so

http://www.intranet.com would be the internal site
https://www.intranet.com would be used externally

I'm unclear on several things.  I have read that one way to accomplish this would be to extend the Sharepoint - Intranet site to use port 443.  But I'm unclear on how/whether this manages people coming in from the outside vs internal and how zones play into it if they do at all.  For example - I extend the site and make it available through https and put it in the Internet zone - then someone types in http://www.intranet.com from external and authenticates that way anyways ...?  Does a redirect also need to happen?

The second way I read that might accomplish this is to route traffic by way of IP address so that internal traffic is allowed to the http site and https traffic is routed to the external site -- as documented in the link below - but I am unclear whether you have to still have 2 seperate IIS sites ...

https://docs.gosecureauth.com/display/docs/URL+Rewrite+-+IP+Restrictions

Or if someone has another suggestion ..

Thanks!
Microsoft SharePointMicrosoft IIS Web Server

Avatar of undefined
Last Comment
PurpleSlade

8/22/2022 - Mon
SOLUTION
vaderj

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
PurpleSlade

How does this prevent external access via http?
ASKER CERTIFIED SOLUTION
vaderj

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
PurpleSlade

Talking to our network folks, we do not use a proxy server.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
PurpleSlade

After much research I found a way to do this using iis.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy