Hello ! I'm using ipa 3.0.0.47.
I have an architecture where the IPA server is located on a secure zone, not accessible from anyone. The IPA server has 2 network interfaces : - IP1 - IP2 In the secure zone, the IP1 network is used for the communication between the servers. The IP2 is used for administrators to connect to the servers inside the secure zone. The only way to connect to the IPA server for external users is a proxy which allows us to connect to the IP2. I installed the ipa-server using the IP1 network interface. When I try to connect through proxy to the IPA webui, I use the IP2 network interface. My problem is the following : I type the following URL : https://<IP2> It redirects me to the following URL : https://<IP1>/ipa/ui When I try https://<IP2>/ipa/ui, it redirects me to https://<IP1>/ipa/ui. And unfortunately, this IP1 is not reachable from outside of the secure zone. When I check from the server, I can see the service is listening on all network interfaces. ### # lsof -i :443 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME httpd 2427 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN) httpd 2428 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN) httpd 2429 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN) httpd 2430 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN) httpd 2431 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN) httpd 2432 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN) httpd 2433 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN) httpd 2434 apache 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN) httpd 30861 root 4u IPv4 xxxxxx 0t0 TCP *:https (LISTEN) ### Is there something I am missing in the IPA configuration for the WebUI please ? Best regards. Bahan
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project