Access to external Website with outgoing static IP from company
Our company employees need to visit an external website. The website can be accessed from anywhere, but login is only possible with the company's outgoing static IP address.
The option “Route all client traffic through the tunnel” is disabled for SSL VPN users. Is it possible to route only the traffic for this website via VPN so that the website is visited via the company's static IP?
0
Sign In to comment.
Comments
Try adding the web site IP addr to the SSLVPN allowed resources list.
Thanks, this works. I can´t add the IP but the whole subnet. After this I create a HTTPS policy.
Would this also work as Reverse Proxy application in the AcessPortal?
@VGBH
You can add a single IP as a /32
The reverse proxy could potentially work, provided the website is compatible with it.
-James Carson
WatchGuard Customer Support
/24 also works, at least in WSM Policy Manager - where I tried it.
1.2.3.4/24
Thanks, it worked!
How could I do it for Access Portal as Web-Application?
I create a reverse proxy entry for this website with the following settings but a login is not possible. Is there anything else, what I have to configure?
external site: example.com
internal site: example.com
[x] Trust Certificate
URL Path Mapping
From and To: /abc
Authentication: Access Portal
Forward credentials: no (The credentials are different)
Hi @VGBH I'm not sure what exactly you mean by web application. If you're looking for the Access Portal to render the page in a frame it won't do this for reverse proxy.
-James Carson
WatchGuard Customer Support
I try to create a Web-Application (Type) in Access Portal. Like the SSL-VPN user, the Access Portal user also need access to the external Website with the outgoing static IP from the company. This is needed because this external website has a whitelisting and you can only login from the external company ip address.
Would these somehow possible to configure?