Using Reverse Proxy to Facilitate External Access to Lawson Portal

 6 Replies
 0 Subscribed to this topic
 27 Subscribed to this forum
Sort:
Author
Messages
rmhooper
New Member
Posts: 3
New Member
    Our company is considering using a reverse proxy server to allow the Lawson Portal to be accessed from the web. This will avoid having any of the Lawson Servers inside the DMZ. Has anyone else tried this? Any gotcha's to be aware of?

    Thanks,
    allbusinessgomab
    Advanced Member
    Posts: 31
    Advanced Member
      We've done it with LCT 9.0.0 and Apps 8.0.3. It works well.
      Brian Allen
      Veteran Member
      Posts: 104
      Veteran Member
        We are running LSF 9.0.0.8 and 9.0 applications on AIX and we're using an F5 Network appliance for SSL access for several applications besides Lawson. The F5 application required special configuration by F5 to hide the external URL from Lawson to prevent the Qualified URL message, but it's been working well for several months now.

        allbusinessgomab
        Advanced Member
        Posts: 31
        Advanced Member
          Interesting. We're using Pound. We chose to make configurations changes in Lawson to keep from getting the fully qualified domain warning. We added the proxy server's url as an endpoint in Lawson and attached that endpoint to the SSOP service. We've done this for the past three years. We're about to upgrade to apps9 and are thinking about using f5 for the future.
          rmhooper
          New Member
          Posts: 3
          New Member
            Brian, Our company also uses F5. The SSL certs will be on the F5. We were initially considering using a separate Proxy server but our Networks guys have informed us that the F5 will provide this capability. Would you be willing to share the F5 rule that you used to get around the Qualified URL message?

            Thanks much.
            Brian Allen
            Veteran Member
            Posts: 104
            Veteran Member
              We added an http endpoint for the external URL, but F5 is hiding the https from Lawson while securing the client connection to our network. Otherwsie, we would have to establish SSL on the Lawson side.
              Brian Allen
              Veteran Member
              Posts: 104
              Veteran Member
                I don't know what the rule is or have access to the F5 server. F5 set it up directly. If F5 can't seem to help with this I can ask our network team who set this up from F5. I know the initial consultants from F5 had difficulty setting up the rule.