Hi,
I'm a bit lost and need a hand, because since Upgrading my Horizon to 1.5 I'm unable to get access from the Internet.
The Hard Facts:
The System is setup with Split DNS, with 'horizon.mydom.com' being the FQDN of my Workspace and the Gateway-va, resolving to a rfc1918 LAn adress from the insife and to a public rechable Adress from the outside.
The System is accessed from the Internet via a reverse Proxy, that is also serving other https Intranet applications, so I assume this is working fine.
From within my LAN, everything is working fine, no Problems here.
External Access:
If I type https://horizon.mydom.com, I'm redirected to "https://horizon.mydom.com/:443/SAAS/auth/login?dest=https://horizon.mydom.com/web"
A Horizon Error Page is displayed, thelling me that the page i'm looking for is not available (See Screenshot)
Please note the "/:443" part: The Browser is forced to take the Port Number as a path ... this explains "the page not found" error.
If I Access "https://horizon.mydom.com/hc/login", I get no error, the login page is displayed, and I can log on.
Unfortunateley, my reverse proxy is not able to redirect https://horizon.mydom.com to https://horizon.mydom.com/hc/login, so I need to get it fixed on Horizon side.
Any Ideas?
This might not be the solution but just in case.
How many connector-va do you have ? if you have only one for both internal and external have you enabled windows authentication ? if yes go to the connector page and disable it.
Took me a while to figure this out as I was unable to connect from external and it makes sense ...
Now I have two connectors one for internal with Kerberos & SSO (that doesn't work yet :smileyconfused: ) and one for external.
Could it be also something with the idp hostname in identity provider ?
Seb
Tried, with no effect.
If I disable the Reverse Proxy, and replace it with a NAT device, everything is smooth....
What type of reverse proxy do you have ?
Sophos UTM, basically it's Linux based.
I won't be able to provide much help on this as I have an F5 LTM in front although I have been using a Linux haproxy before.
I ll do a bit of research on this and in case I can come up with an idea I ll reply back
Hi,
Could you please try by changing the reverse proxy configuration by including port number in the url.
For example:
if the reverse proxy server forwards the request to https://fqdn, then change it to forward request to https://fqdn:443.