cancel
Showing results for 
Search instead for 
Did you mean: 

Blocking Portal access from certain IP addresses

Former Member
0 Kudos

Hi,

We are using portal cluster with external load balancer. We want all the users to access portal only through load balancer and we want to block any direct access to the portal. Is there any configuration in the portal through which, we can block the access from certain IP addresses so that we can allow access only for the load balancer IP address.

We are using EP 7.0 SP10.

Helpful answers will be rewarded.

Regards,

Chandra

View Entire Topic
eddy_declercq
Active Contributor
0 Kudos

Hi,

Isn't it easier to solve this problem DNS wise? Have only one valid DNS : the one from the load balancer.

Eddy

-


Pimp up the S(D)N site and earn points. Check this <a href="/people/eddy.declercq/blog/2007/02/01/pimp-up-the-jam log</a> for details

Former Member
0 Kudos

Thanks Eddy for your answer.

Actually we want to block the direct access to portal in any case.

If we just block the access using DNS approach, in case user knows the portal host IP address, he can access it by putting an entry in his hosts file. Thats why we are looking for some configuration at the portal level to block the request from all the IPs except load balancer IP.

Regards,

Chandra

achim_hauck2
Active Contributor
0 Kudos

chandrashekhar,

that is normally done by a firewall placed before the portal with only allowing connections from the load balancer. the portal (Web Application Server) can't block any IP addresses.

kr, achim

eddy_declercq
Active Contributor
0 Kudos

Hi,

Check what SAP has to say on FWs:

http://help.sap.com/saphelp_nw2004s/helpdata/en/0a/0a2e1bef6211d3a6510000e83

5363f/frameset.htm

Eddy

-


Pimp up the S(D)N site and earn points. Check this web log for details

Former Member
0 Kudos

Thanks all for your answers...

Actually we don't have a firewall between our intranet (user desktop) and datacenter (server location) and so looking for other kind of solution.

Regards,

Chandra

Former Member
0 Kudos

Hi,

You can also look into an option to create a custom login module that will work as an IP filter.

See the following PDF for more info:

https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/17be8b32-0a01-0010-51bc-8fe...

Never tried that myself though

Regards,

Mike