Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
You have entered an invalid email address. Please re-enter the email address.
This co-worker has already been invited to the Exchange portal. Please invite another co-worker.
Please enter email address
Send InviteCancel
Invitation Sent
Your invitation was sent.Thanks for sharing Exchange with your co-worker.
If you want to make the IT Advisor web client or Tenant Portal available to your colleagues or customers directly from the Internet, make sure you have a proxy configuration in the DMZ.
Note: The DMZ setup protecting ITA against direct Internet access is entirely your own responsibility!
Here are some recommendations on how to set up the proxy server.
This is not a complete guide. You should already have a working knowledge of scripting, web proxy, and DMZ configuration, or find it easy to acquire this knowledge.
ITA_proxy_overview_360007721638.png
About DMZ proxy and firewall port configuration
The ITA server should be on a protected network behind a firewall and not exposed directly on the Internet.
The only incoming traffic allowed through the firewall to the ITA server should be on ports 80/443.
Note: It is required that you set up a proxy server in the DMZ, only supporting incoming https on port 443 and proxying requests to the ITA server on port 80/443 to the path: /web/ only.
You may want to use Nginx, Apache, AH Proxy, or some other proxy tools. Examples here will be referring to an Nginx setup.
You should only use secure https protocols, not e.g. SSL v2. For an Nginx setup, the default protocols: TLSv1, TLS1.1, TLSv1.2 are supported.
Ensure the Nginx server only handles https. If an http request is made, it will be forwarded to https.
# Redirect browsers from http to https
server { listen 80; rewrite ^(.*) https://$host$1 permanent; }
Set up the actual ssl connection pointing to the certificates.
# Set up the proxy to DCO or ITA server { listen 443 ssl; server_name $NGINX_ADDRESS; ssl_certificate $PATH_TO_CERTIFICATE_FILE; ssl_certificate_key $PATH_TO_PRIVATE_KEY_FILE; }
Proxy to the Tenant Portal # First handle requests to the actual application path /web location /web/ { proxy_pass http://$DCO_ADDRESS; }
Proxy root requests to the same location. This is an additional option to proxy root requests to the same location, allowing the user to exclude /web in the URL when accessing the Tenant Portal. NOTE: The order matters! The location /web must be specified before location /.
# Handle root requests and forward to /web location / { proxy_pass http://$DCO_ADDRESS/web/; }