I want to link my jira (VM1) application to confluence (VM2). My SSL certs are stored in F5 (big-ip) which is used as a reverse proxy.
Clients conntect via https on port 443. The reverse proxy (192.168.178.1) F5 will then forward to request (jira-test.net or confluence-test.net) using SNI to the SAML AUTH -> tothe backendIP. If the client would like to connect to jira or confluence will be solved with SNI.
If I try to curl or link the application within webinterface from VM1 or VM2, I get HTTP 302 message from F5 telling me that the access policy is not okay "DENY". I can follow the curl with: curl -L and end up getting this: /my.logout.php3?errorcode=19' and then http 200 with some f5 errorpage. But the SSL cert handshake is ok.
Since the VM1&2 are in DMZ I would like to link the applications. I can access from external address both services.
Can anybody tell me what setting is required in the f5 BigIP to be able to link my application? I tried different access policys with "ip subnet match" pointing to the BackendIP's from VM1&2, but still no change. Are there any other settings I could try?
Any help is appreciated.
Thank you for your answer @Thomas Deiler
we already setup all the proposed jira/conf server.xml settings and client login is working via ssl cert.
The problem is the f5 bigip proxy config, I'm not sure how to configure this proxy to be able to link my applications (jira and confluence).
For now, I'm getting redirected to /mypolicy site when trying to link confluence application to jira. We tried different settings within the APM - Access Policy Manager, but nothing seems to work. Any access from within DMZ to f5 is routed directly to 302 errorpage... .
Dear @Kris ,
to be honest, f5 is the Bugatti under the commercial firewalls. To fully understand this piece of metal you need trainings and loads of time. Or an expensive expert.
Please understand that this community cannot jump inside this gap. There is a chance that an expert is reading over this article, but I doubt.
So I recommend https://serverfault.com/ . There are some experts, that probably know what to do.
Sorry for not being more helpful
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events