Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira in DMZ, AD server on the internal network

andrei oudovikine
andrei oudovikine May 27, 2019

Good morning.

I have installed Jira in our DMZ Tier. But our AD server, which is being used for authentication is located on our internal network. 

Question: Is there any proxy solution so, Jira can connect to AD server without exposing internal network (without opening firewall ports from DMZ to AD)?

Best Regards

Answer
Watch
Like Be the first to like this
935 views

1 answer

0 votes
josh
josh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 28, 2019

Hi Andrei,

Probably not. But you can use the ldaps (secure) protocol on port 636 by using the instructions here to give Jira the certificate required to communicate with the AD server.

https://confluence.atlassian.com/doc/configuring-an-ssl-connection-to-active-directory-229838458.html

I have an alternative choice as well.

You could host a server on the DMZ that only is a web server (nginx or apache) that acts a proxy through the firewall to the backend Jira server. That way, Jira is not directly exposed to the internet, and you would only need to open an http port (8080 likely) through the firewall.

https://confluence.atlassian.com/doc/running-confluence-behind-nginx-with-ssl-858772080.html

-Josh

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events