This solution applies to Barracuda SSL VPNs, all firmware versions.
A new webmail redirector (from the Lotus webmailr.ntf
template) was created specifically for the SSL VPN configuration. This was
placed in the mail directory on the Domino server along with the mail files
(otherwise another path will be required in SSL VPN).
Note: this is a standard template that is available in Domino - basically it gives a simple URL everyone can use so they don't need to know the specific URL for their personal mailbox.
Open this redirector and click setup. The UI setup and Application Setup are as for our normal (internal) redirector (i.e. follow the instructions, customise as you see fit).
Under Server Settings, note the following:
• Redirector type is Dynamic - this means the server portion of the URL will not be changed from the SSL VPN URL used when the page is opened.
• Fixed would probably work, but dynamic means you don't have to worry if the SSL VPN address changes.
• Leave the path blank
• Force SSL for the entire session is set to Yes – otherwise the redirect will revert to http when opening the mailbox, and SSL VPN won't work.
• Port number is 443 (standard) unless the SSL VPN configuration is non-standard
• Debug is off.
Create a new Path based reverse proxy in SSL VPN. The site should be
Edit the new Web Forward and add the following paths to the
system (explanation in brackets). This step may no longer be required from
firmware 1.7 as the web forward tries to autolearn any paths involved, but
there will be no harm from entering the following anyway:
- /mail *(this is the path to the mailboxes on the server).
- /iNotes *(this is an internal DWA address).
- /icons (images used by the template - not strictly necessary, but it looks better if it's included).
- /dwagss.jar *(a java file used by the iNotes backend. Apparently you can add individual files from the root into the paths and it will work fine).
- /domcfg.nsf (this is where the login page is stored. Not actually necessary, but any images on the login page won't appear if it's not there).
(note capitals! - this is where the login page submits to, and you wont
get past here unless it's included).
Those with the * are (most likely) the ones necessary if you only use basic authentication against the domino server.
Link to This Page: