Securing PAS inside firewall

Posted by Gareth Payne on 29-Nov-2016 11:36

Hi All,
Customer wants to have IIS server inside a firewall, talking to a backend PAS server (hosting rest services)  via PAS SSL port.
Does anyone know how to achieve this?
Trying to use URL rewrite module in ISS to reverse proxy requests to PAS SSL port with limited success. Seems to work using local browser connect to IIS, but connecting to IIS via remote machine does not work unless I bypass IIS.
IIS is listening on port 80 (http) and I have set up a reverse proxy in IIS to redirect traffic to https PAS port.
Is this a valid approach, can it be done?
Putting tomcat PAS in DMZ would be easier, but less secure (need to open database ports through firewall).
Kind Regards
Gareth Payne • Senior Consultant
Tel +44 (0)1344 386348  Mob +44 (0)7776 302465 • Fax +44 (0)1344 386301
Progress Software Limited
3rd Floor | 3 Arlington Square | Downshire Way | Bracknell, Berkshire | UK | RG12 1WA
email :

All Replies

Posted by Irfan on 29-Nov-2016 11:42

Hi Gareth,

It has to work fine with URLRewrite or AJP13. I would suggest try routing it to  HTTP port first and then try for HTTPS.

This thread is closed