Situation is as follows;
Via the internet we offer a number of WebDirect sites for students.
The FileMaker 17 Servers are in a separate VLAN.
Server is Windows Sever 2016
FileMaker 17 Server has IP 195.1x.x.x and a DNS name spfm01.domain.intra.
The webDirect site is offered on the internet by a Sophos reversed proxy as https://fm.tst.hsleiden.nl/test.html This is on the outside of the network.
When connecting to the reversed proxy, this is transferred to the server at 195.1x.x.x / spfm01.domain.intra.
The user only sees the domain fm.tst.hsleiden.nl. There is no direct contact with the actual server. This is the policy within the organization not to offer servers directly on the internet.
Now this connection to the FileMaker server works well. We just see local pages on this, for example https://fm.tst.hsleiden.nl/testlocal.html
Do you want to go to the Webdirect page then it goes wrong https://fm.tst.hsleiden.nl/fmi/webd
FileMaker 17 Server translates the url to its IP address 195.1x.x.x
Because the server is not allowed to communicate directly with the internet, the connection will fail.
This is a big problem for us. We can't upgrade our seven FileMaker Servers from 13 to 17.
In this Image shows that FileMaker WebDirect Services changes the DNS to the local IP address. On our local network the page will load, the firewall will allow this.
Externally this fails because the route runs through another route (not back to the reversed proxy), but thru the firewall. This will not load the page.