Configuring internal traffic rules in a single FQDN for all services deployment

Last Updated : Oct 10, 2018 |

Before you begin

Ensure that you have:

The TLS server profile for reverse proxy. For more information, see the TLS server profile creation tasks outlined in Checklist for creating a TLS server profile for reverse proxy in a single FQDN deployment.
The TLS client profile for reverse proxy. For more information, see the CA configuration tasks outlined in Certificate Authority configuration checklist.

Use the same TLS server and client profiles when configuring both external and internal traffic rules.

Log in to the Avaya SBC web administration portal.
Navigate to Device Specific Settings > DMZ Services > Relay Services > Reverse Proxy.
Click Add.
In Service Name, enter a name for the profile.
Select the Enable check box to enable the reverse proxy profile.
In Listen IP, select the internal A1 interface and the Avaya SBC external leg IP address.
In Listen Port, enter 443.
In Listen Protocol, select HTTPS.
In Listen TLS Profile, select the TLS server profile that you created.

An example of the TLS server profile name is webservicesTlsProfile.
In Connect IP, select the internal A1 interface and the Avaya SBC internal leg IP addresses.
In Server Protocol, select HTTPS.
In Server TLS Profile, select the TLS client profile that you created.

An example of the TLS client profile name is certificateAuthorityTLSProfile.
Select the Rewrite URL check box.
Click Add at the bottom of the page to create a set of rules and configure the rules as described in Internal traffic rules for a single FQDN deployment.
Click Finish.

Send Feedback