Web

The Web category allows you to tweak settings necessary for load balancing in certain scenarios. Here you can specify a redirection URL for web requests and a session cookie name to maintain persistence between a client and a server.

Redirection URL

The original web request can reach the gateway one of the following two ways:

  • The request is sent directly to the Gateway over the local network using its IP address or FQDN. For example, https://192.168.10.10.
  • The request is sent to a HALB device that load-balances this and other gateways in the Farm. The HALB device often faces the Internet (i.e. located in DMZ) and so its DNS name can be used in the original request URL. For example, https://ras.msp.com. The HALB device is then distributes the request to a gateway.

When the gateway receives the web request, it takes the URL specified in the Web category and sends it back to the web browser for redirection.

Technically, you can enter any URL here, and the original web request will be redirected to that URL. The primary purpose of this field, however, is to give end users an easy way to access the User Portal from their web browsers. Here's how it works:

  1. A user enters the Load Balancer DNS name in a web browser. For example, https://ras.msp.com.
  2. The Load Balancer receives the request and distributes it to the least-busy RAS Secure Gateway for processing.
  3. The gateway receives the original URL and replaces it with the URL specified in the Default URL field. See the Default URL format subsection below.
  4. The replaced URL is then sent back to the web browser, which uses it to open the User Portal login page.

Default URL format

The default URL format is the following:

https://%hostname%/userportal

  • The %hostname% variable is automatically replaced with the name of the server that received the original request, which in our example is the Load Balancer DNS name. If you wish, you can replace the variable with a specific host name or IP address (e.g. this or some other gateway). For example, https://192.168.5.5/userportal. If you do this, the web requests will always be forwarded to the specified host and will open the User Portal on it. Hard-coding a host may not be very practical, but you can do this nevertheless.
  • userportal is a constant and is the path to the User Portal login page.

In our example, the resulting URL that the web browser will use to access the User Portal is the following:

https://ras.msp.com/userportal

The fact is, a user could simply use the above URL from the start, but thanks to the redirection feature, users only need to enter the server DNS name (or FQDN/IP-address on the local network) instead of the entire URL.

Opening a specific User Portal Theme

User Portal Themes is a feature that allows you to custom design the User Portal look and feel for different groups of users.

The default web request URL opens the default Theme. To make it open a specific Theme, add the Theme name at end of the URL as follows:

https://%hostname%/userportal/?theme=<theme-name>

where <theme-name> is the name of a Theme without brackets or quotes.

For users to open a specific Theme, the URL that they enter in a web browser must contain the Theme name, but in this case the format is as simple as the following:

https://<server-name>/<theme-name>

Using our Load Balancer DNS name example from above, the URL may look like the following:

https://ras.msp.com/Theme-E1

For additional information, please see User Portal Theme Settings > URLs.

Open User Portal

The Open User Portal button uses the specified gateway address and opens User Portal on this particular gateway in a new tab. You can use this button to test your deployment.

Web cookie

The Web cookie field is used to specify a session cookie name. RAS HTML5 session persistence is normally set by user's IP address (source addressing). If you can't use source addressing in your environment (e.g. your security policy doesn't allow it), you can use the session cookie to maintain persistence between a client and a server. To do so, you'll need to set up a load balancer that can use a session cookie for persistence. The default cookie name is ASP.NET_SessionId.

If you are using a third-party load balancer, such as Amazon Web Services (AWS), you need to specify its own cookie name. In case of AWS, when the load balancer first receives a request from a client, it routes the request to a target and generates a cookie named AWSALB, which encodes information about the selected target. The load balancer then encrypts the cookie and includes it in the response to the client. When sticky sessions are enabled, the load balancer uses the cookie received from the client to route the traffic to the same target, assuming the target is registered successfully and is considered healthy.

Was this topic helpful?