Accessing our Intranet from outside our Network - WITHOUT VPN

apache-2.2 windows-server-2008-r2 intranet
6,379

Unless the new "extranet" (better describes your site) is accessible from a publicly routable IP you have to provide some remote access or tunneling method to get "on" to the network and then pull the site up.

That being said, you could go one of these routes...

  1. Work with the state network people, get VPN access, seems like this won't happen, but you never know.
  2. Utilize some sort of edge/proxy server that can sit on the public internet and relay requests to your internal server. This provides you with a true intranet site with an extranet mechanism to get into the intranet site.
  3. Route your intranet site to the public network again, like it used to be... solves the problem for sure!
  4. As an aside you may also want to investigate adding ADFS (Active Directory Federation Services) into the mix, this could help you out in the long run with secure tokens. Again when combined with option 2, the user would get a simple forms based login page and if successful they would get redirected to your intranet site along with a secure token so login doesn't have to happen twice. Either way, might be good to look into.
Share:
6,379

Related videos on Youtube

westexasman
Author by

westexasman

Updated on September 18, 2022

Comments

  • westexasman
    westexasman over 1 year

    We just upgraded our company intranet from an IIS based, ASP (poorly written) server/code base to a Windows Server 2008 r2 (Apache/MySQL/PHP) server.

    The old server allowed users to login to intranet.xxx.org using there AD user/pass which then lead them to the company Intranet from basically anywhere they had Internet access.

    We want to mimic that functionality (or change it to something more secure) with the new setup.

    This was seemingly setup for off-site employees running on a state network. The state network does not allow VPN, therefor, we needed a way to allow those employees access to the Intranet.

    So, how do we go about allowing users to login from the outside world and gain access to our Intranet?

  • westexasman
    westexasman almost 12 years
    That's a way to look at it... yes. However (and I just discovered this): Some of our employees are off-site, running on a state network. This state network does NOT allow VPN. Those employees need a way to access the intranet without the use of VPN. I believe that is why the above method was created.
  • westexasman
    westexasman almost 12 years
    Furthermore... the OLD intranet was setup that way. The current Intranet is NOT accessible to the outside world via any means, for the time being.
  • westexasman
    westexasman almost 12 years
    We utilize Forefront Threat Management... so we will be looking down that path to get this to work. Thanks for the insight!

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Run httpd as a user (Windows)
How can I create a custom TLD (for an Intranet) on my Wi-Fi network with a Windows computer and Apache?
Apache kerberos authentication to Active Directory not happening. (Is KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN related?)
Using Apache as a reverse proxy HTTPS server in front of Remote Desktop Gateway server
why isn't laravel's php artisan serve server being accessible from the WWW on IIS
Apache stopped working permanently after error "Server ran out of threads to serve requests."
Joining an Active Directory domain using netdom
confusing CPU load in apache server-status
Found CRL is expired - revoking all certificates until you get an updated CRL
Accessing MSMQ via PowerShell