Hello everybody,
I'm looking for a solution.
We want to access prime infrastructure, who is managed by OPC from internet. We configured RP and then we configured also NAT.
We're just in preparation to put OPC in production, but found the issue what we simulated also in our internal LAB.
Problem is, that OPC is acting as SSO server and this is doing a redirection into internal domain, and this is the root cause of the issue.
Example:
If you would access PI managed by OPC:
1. https://prime.public.lab it's going into RP, who will forward this traffic to FW where is NAT congured.
2. PI has to be authenticated via SSO and this is OPC (Operation Center)
3. PI will do a redirect and connection is closed
The redirection looks like:
https://opc.internal.lab/SSO/login?service=https%3A%2F%2Fprime.public.lab%3A443%2Fwebacs%2Fj_acegi_cas_security_check
Has somebody met this situation? I believe we're not first who want to access PI managed by OPC from outside though NAT IP's.
When we're using same architecture to access PI without OPC, then it works properly.
Thank you for asnwer.