Using reverse proxy

When using  ESET Secure Authentication behind a reverse proxy server (for example, to make the Authentication Server accessible via public domain address), consider the information below:

In invitation details:

oUse the IP address of the proxy server instead of the name of Authentication Server

oUse the certificate hash of the proxy server certificate

 

If Authentication Server is installed in Active Directory Integration mode:

oESA components (for example, Windows Login, Remote Desktop Protection, RADIUS)  have to be installed in Standalone mode

oIn invitation use the IP address of the proxy server instead of the name of Authentication Server

oCannot log in to the ESA Web Console using domain authentication

If you want to use a proxy server for port forwarding only, you still have to regenerate a server certificate with the new IP_address:port as the alternative name.