Environment
Novell BorderManager 3.9 Support Pack 2
Novell BorderManager 3.9 Support Pack 1
Novell BorderManager 3.9
Novell BorderManager 3.9 Support Pack 1
Novell BorderManager 3.9
Situation
When SSL Authentication is needed to access a webpage going through BorderManager we get redirected to an URL like:
https://bm-server.yourdomain.com//BM-Login/?%22http://original.url.com/%22
or
https://{IP address of BorderManager server}//BM-Login/?%22http://original.url.com/%22
Customer does not want the real name of the server been displayed on the URL. In the URL the bm-server.yourdomain.com or the {ip address of the BorderManager server} should be changed to ssl-auth.yourdomain.com, but it should not affect any other services running on the same server.
https://bm-server.yourdomain.com//BM-Login/?%22http://original.url.com/%22
or
https://{IP address of BorderManager server}//BM-Login/?%22http://original.url.com/%22
Customer does not want the real name of the server been displayed on the URL. In the URL the bm-server.yourdomain.com or the {ip address of the BorderManager server} should be changed to ssl-auth.yourdomain.com, but it should not affect any other services running on the same server.
Resolution
Make sure to have the following parameter in proxy.cfg, and it has to be set to 1:
ResolveProxyIPAddress=1
Add a secondary IPAddress to the server:
ADD SECONDARY IPADDRESS {another IP}
{another IP} has to be in the same subnet as the the {IP address of BM server}.
Make sure that {another IP} resolves to ssl-auth.yourdomain.com .
E.g. add an entry to SYS:/ETC/HOSTS file like:
{another IP} ssl-auth.yourdomain.com
Add the {another IP} to the Configured IP Addresses as a private, to make sure BorderManager listens on this IP address.
ResolveProxyIPAddress=1
Add a secondary IPAddress to the server:
ADD SECONDARY IPADDRESS {another IP}
{another IP} has to be in the same subnet as the the {IP address of BM server}.
Make sure that {another IP} resolves to ssl-auth.yourdomain.com .
E.g. add an entry to SYS:/ETC/HOSTS file like:
{another IP} ssl-auth.yourdomain.com
Add the {another IP} to the Configured IP Addresses as a private, to make sure BorderManager listens on this IP address.