Or two virtual servers, each with its own IP. That way you could limit access with NAT and firewall rules.
-- Tony Worthington Sr. Technical Analyst Kohl's Department Stores [EMAIL PROTECTED] 262-703-5911 Kaiser Norm E CIV USAF 96 CS/SCCE <[EMAIL PROTECTED]> Sent by: "Action Request System discussion list(ARSList)" <arslist@ARSLIST.ORG> 05/29/2008 11:02 AM Please respond to arslist@ARSLIST.ORG To arslist@ARSLIST.ORG cc Subject Re: Mid-tier and internal network If IIS is your web server, why not create two separate virtual directories--one for your Remedy apps and one for your outside-facing non-Remedy apps. Then you can set directory security individually for each virtual directory (i.e., set up an IP range). Then to avoid changing links, replace your actual .asp pages with pages that do a redirect to the actual page. For example, suppose your actual page is https://remedy.jmu.edu/whatever.asp and that page show a nice list of professors or something. Rename that something like https://remedy.jmu.edu/virtualdirectoryname/professors.asp and then just turn whatever.asp into a redirect to professors.asp. Thus, the change would be invisible to the end user. -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Dwayne Martin Sent: Thursday, May 29, 2008 10:31 AM To: arslist@ARSLIST.ORG Subject: Re: Mid-tier and internal network Thanks, Russel and Brad and JT. The trouble with a separate website is that we have links to all these websites that point to "https://remedy.jmu.edu/whatever.asp."; Tracking all those links down and changing them, or changing our Mid-Tier address would be a major pain, but that might be the way we have to go. Dwayne ---- Original message ---- >Date: Thu, 29 May 2008 10:41:38 -0400 >From: "J.T. Shyman" <[EMAIL PROTECTED]> >Subject: Re: Mid-tier and internal network >To: arslist@ARSLIST.ORG > >Dwayne, > > This can be done but I cannot tell you exactly how as it has been a >while since I secured websites on IIS. > > I believe the way to do this would be to create a separate website >on the IIS server for the AR Mid-Tier and add an IP Address range >restriction to it so that only users who have IP addresses in certain ranges >can access the page. You may be able to find some information on Microsoft's >site >(http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library /IIS/ >4117d9e2-c7e0-46db-88f6-6e804b4325b0.mspx?mfr=true)about setting this up in >IIS and it will likely take some testing to get it to work properly with >ARS. > >--- J.T. Shyman > > -----Original Message----- >From: Action Request System discussion list(ARSList) >[mailto:[EMAIL PROTECTED] On Behalf Of Dwayne Martin >Sent: Thursday, May 29, 2008 10:19 AM >To: arslist@ARSLIST.ORG >Subject: Mid-tier and internal network > >Dear List, > >We have a Mid-Tier system on a web server that is accessible only to our >university's internal network. That is, someone from within the University >can access the Mid-Tier, but someone outside can't unless they have a VPN. > >Unfortunately, we also have numerous regular web pages that we DO want >outsiders to be able to access. Has anyone had any experience setting up a >web server so that Mid-Tier is only available internally, but regular web >pages are available to the world? > >(Mid-Tier 7.1 patch 2, IIS 6 web server, Windows 2003 machine, Tomcat >servlet server) > >_______________________________________________________________________ ________ >UNSUBSCRIBE or access ARSlist Archives at www.arslist.org >Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are" ________________________________________________________________________ _______ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are" _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are" CONFIDENTIALITY NOTICE: This is a transmission from Kohl's Department Stores, Inc. and may contain information which is confidential and proprietary. If you are not the addressee, any disclosure, copying or distribution or use of the contents of this message is expressly prohibited. If you have received this transmission in error, please destroy it and notify us immediately at 262-703-7000. CAUTION: Internet and e-mail communications are Kohl's property and Kohl's reserves the right to retrieve and read any message created, sent and received. Kohl's reserves the right to monitor messages by authorized Kohl's Associates at any time without any further consent. _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are"
