Solved

Sharepoint Site - external https access - internal http access

Posted on 2013-12-03
6
961 Views
1 Endorsement
Last Modified: 2014-03-25
We have an intranet site "Sharepoint - Intranet" - bound to ports 80 and 443.  People can use http or https to access it currently.  I have been asked to remove http access for external users.  The requirement currently is to have the same DNS entry for both sites - so

http://www.intranet.com would be the internal site
https://www.intranet.com would be used externally

I'm unclear on several things.  I have read that one way to accomplish this would be to extend the Sharepoint - Intranet site to use port 443.  But I'm unclear on how/whether this manages people coming in from the outside vs internal and how zones play into it if they do at all.  For example - I extend the site and make it available through https and put it in the Internet zone - then someone types in http://www.intranet.com from external and authenticates that way anyways ...?  Does a redirect also need to happen?

The second way I read that might accomplish this is to route traffic by way of IP address so that internal traffic is allowed to the http site and https traffic is routed to the external site -- as documented in the link below - but I am unclear whether you have to still have 2 seperate IIS sites ...

https://docs.gosecureauth.com/display/docs/URL+Rewrite+-+IP+Restrictions

Or if someone has another suggestion ..

Thanks!
1
Comment
Question by:PurpleSlade
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 8

Assisted Solution

by:vaderj
vaderj earned 500 total points
ID: 39693700
You would want to extend the web application, that is correct.
The reason for this is because extending the web application creates a second web site in IIS, though in SharePoint it will be the same site.
Once you extend it, you will need to then assign it the correct Alternate Access Mapping, along with correctly configure the Authentication Provider.
0
 
LVL 2

Author Comment

by:PurpleSlade
ID: 39693726
How does this prevent external access via http?
0
 
LVL 8

Accepted Solution

by:
vaderj earned 500 total points
ID: 39693743
[SharePoint Web Application (p80) ]  ==> [ SharePoint Extended Web App (p443) ]
[AAM] Intranet = http://                                [AAM] Extranet = https://
[Authentication] NTLM                                  [Authentication] (Guessing anonymous?)


I dont know your network topology, but making the assumption that external DNS resolves to a reverse proxy.  You would want to setup the p443 in your rev proxy to resolve to your WFE, and p80 either to drop or to forward to the appropriate host thats not your SharePoint WFE
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 2

Author Comment

by:PurpleSlade
ID: 39693969
Talking to our network folks, we do not use a proxy server.
0
 
LVL 2

Assisted Solution

by:PurpleSlade
PurpleSlade earned 0 total points
ID: 39944119
I solved this using iis rewrite module.
0
 
LVL 2

Author Closing Comment

by:PurpleSlade
ID: 39952670
After much research I found a way to do this using iis.
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Summary In SharePoint 2010 it is easy to create custom color themes to jazz up a site. Theme colors can also be created in PowerPoint 2010 with a few clicks. But how do the chosen colors actually look in the SharePoint site? The attached PowerPoint…
In case you ever have to remove a faulty web part from a page , add the following to the end of the page url ?contents=1
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question