11-03-2009 02:55 PM - edited 03-09-2019 10:41 PM
Hi All,
there is NAS, OOB, L3, RGW implementation. I've remove NAS from NAM, then readded it. after that, when I type NAS untruted interface in broswer, it prompts to redirect and after a while it shows "web page can't be displated". In address bar in IE, it only shows domain name without the NAS host name. like: https://companyabc.com/......
I've checked DNS and it looks ok.
any suggestion would be very appreciated.
thanks
Alex
11-03-2009 05:49 PM
Alex,
So your client can resolve the redirect URL that the NAS tries to send it to? In your example companyabc.com ?
If so, how are you forcing the traffic to hit the untrusted interface of the NAS? Using PBRs? ACLs? or VRFs?
Faisal
11-03-2009 08:37 PM
Hi Faisal,
redirect URL is not resolvable by client that's why it shows "web page can't be display". the actual URL is:
I am using ACL.
Thanks again
Alex
11-03-2009 08:39 PM
Alex,
Contractorswardrobe.net has to be resolvable, otherwise how would the browser direct the traffic to that site?
Ensure your DNS traffic is also allowed through the ACLs, and for testing you can put that dns name in your hosts file and see if the redirection and authentication attempt thereafter happens or not.
HTH,
Faisal
11-04-2009 07:47 AM
Faisal,
first users type cw-nas-oob on the url. this name in DNS resolved to untrusted interface in nas. then it redirect to contractorswardrobe.net/.... url which is not resolvable.
thanks
Alex
11-04-2009 07:56 AM
Alex,
That is my point. It has to be for your client to get to that site. Why is it not resolving? Focus on that portion and troubleshoot that first.
HTH,
Faisal
11-04-2009 10:37 AM
Faisal,
my question is: when I type cw-nas-oob as URL in address bar, why does it redirect to the domain name without host name, like: https://contractorswardrobe.net.....
I think it's supposed to redirect to:
https://cw-nas-oob.contractorswardrobe.net.....
but it doesn't.
any idea would be very appreciated.
thanks
Alex
11-04-2009 10:44 AM
Alex,
The CAS pulls that URL for the redirect from its certificate subject. What do you have the CAS certificate issued to? If it's contractorswardrobe.net, change it to cw-nas-oob.contractorswardrobe.net, reboot and try again
HTH,
Faisal
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide