Website through sbpam

Good morning

an external vendor needs to connect to an hmi within our network through http/https.

I have created a website type activity and a website type resource with the ip of the hmi in the logon url field (I have not filled in the associated resource, associated domain controller and service account fields).

In the activity the configurations are these

The access policy is resource based.

The provider accesses the pam through a client-to-site VPN and the firewall policy only grants access to the PAM.

When the user accesses the pam, he sees the access policy and when he deploys, he finds the possibility to connect to the hmi but without going through the pam, in fact in the address bar of the browser, the ip of the hmi appears. Obviously the firewall policy does not allow direct access to the ip of the hmi.

How can it, the pam, function as a proxy in this case?
Thanks!

Hello, Matteo.

One possible solution would be to use an RDS website launcher (documentation available here). The website could be configured as an RDS remote app. The idea is that the website for the HMI would be served up by the RDS server (which resides in your network).

Best,
-Ben

3 Likes