Subscribing is a smart move!
You can subscribe to this board after you log in or create your free account.
Invite a Co-worker
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
Contact Support
Submit a support request for additional assistance with EcoStruxure IT software.
Select your language from the translate dropdown in the upper right.
If you want to make the IT Advisor web client or Tenant Portal available to your colleagues or customers directly from the Internet, make sure you have a proxy configuration in the DMZ.
Note: The DMZ setup protecting ITA against direct Internet access is entirely your own responsibility!
Here are some recommendations on how to set up the proxy server.
This is not a complete guide. You should already have a working knowledge of scripting, web proxy, and DMZ configuration, or find it easy to acquire this knowledge.
About DMZ proxy and firewall port configuration
The ITA server should be on a protected network behind a firewall and not exposed directly on the Internet.
The only incoming traffic allowed through the firewall to the ITA server should be on ports 80/443.
Note: It is required that you set up a proxy server in the DMZ, only supporting incoming https on port 443 and proxying requests to the ITA server on port 80/443 to the path: /web/ only.
You may want to use Nginx, Apache, AH Proxy, or some other proxy tools. Examples here will be referring to an Nginx setup.
You should only use secure https protocols, not e.g. SSL v2. For an Nginx setup, the default protocols: TLSv1, TLS1.1, TLSv1.2 are supported.
Configuring a proxy for the Tenant Portal
Proxy specific commands are explained in this section. For more information, refer to the complete Nginx configuration guide.
- Ensure the Nginx server only handles https.
If an http request is made, it will be forwarded to https.
# Redirect browsers from http to https
server {listen 80;
rewrite ^(.*) https://$host$1 permanent;} - Set up the actual ssl connection pointing to the certificates.
# Set up the proxy to DCO or ITAserver {listen 443 ssl;server_name $NGINX_ADDRESS;ssl_certificate $PATH_TO_CERTIFICATE_FILE;ssl_certificate_key $PATH_TO_PRIVATE_KEY_FILE;
} -
Proxy to the Tenant Portal
# First handle requests to the actual application path /web
location /web/ {proxy_pass http://$DCO_ADDRESS;} -
Proxy root requests to the same location.
This is an additional option to proxy root requests to the same location, allowing the user to exclude /web in the URL when accessing the Tenant Portal.
NOTE: The order matters! The location /web must be specified before location /.
# Handle root requests and forward to /weblocation / {proxy_pass http://$DCO_ADDRESS/web/;}
Didn't find what you are looking for? Ask our Experts
Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.