The alternative would be to write your own filter...I've got no experience in doing this but it may be possible to create an ISAPI filter (http://en.wikipedia.org/wiki/ISAPI) that checks for the arsys URL and then compares it to a list of IP address ranges and only allows access under certain conditions.
Good luck and please let us know which way you go and any pains you run into. --- J.T. Shyman -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Dwayne Martin Sent: Thursday, May 29, 2008 11:31 AM To: arslist@ARSLIST.ORG Subject: Re: Mid-tier and internal network Thanks, Russel and Brad and JT. The trouble with a separate website is that we have links to all these websites that point to "https://remedy.jmu.edu/whatever.asp." Tracking all those links down and changing them, or changing our Mid-Tier address would be a major pain, but that might be the way we have to go. Dwayne ---- Original message ---- >Date: Thu, 29 May 2008 10:41:38 -0400 >From: "J.T. Shyman" <[EMAIL PROTECTED]> >Subject: Re: Mid-tier and internal network >To: arslist@ARSLIST.ORG > >Dwayne, > > This can be done but I cannot tell you exactly how as it has been a >while since I secured websites on IIS. > > I believe the way to do this would be to create a separate website >on the IIS server for the AR Mid-Tier and add an IP Address range >restriction to it so that only users who have IP addresses in certain ranges >can access the page. You may be able to find some information on Microsoft's >site >(http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS / >4117d9e2-c7e0-46db-88f6-6e804b4325b0.mspx?mfr=true)about setting this up in >IIS and it will likely take some testing to get it to work properly with >ARS. > >--- J.T. Shyman > > -----Original Message----- >From: Action Request System discussion list(ARSList) >[mailto:[EMAIL PROTECTED] On Behalf Of Dwayne Martin >Sent: Thursday, May 29, 2008 10:19 AM >To: arslist@ARSLIST.ORG >Subject: Mid-tier and internal network > >Dear List, > >We have a Mid-Tier system on a web server that is accessible only to our >university's internal network. That is, someone from within the University >can access the Mid-Tier, but someone outside can't unless they have a VPN. > >Unfortunately, we also have numerous regular web pages that we DO want >outsiders to be able to access. Has anyone had any experience setting up a >web server so that Mid-Tier is only available internally, but regular web >pages are available to the world? > >(Mid-Tier 7.1 patch 2, IIS 6 web server, Windows 2003 machine, Tomcat >servlet server) > >___________________________________________________________________________ ____ >UNSUBSCRIBE or access ARSlist Archives at www.arslist.org >Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are" ____________________________________________________________________________ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are" _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are"