Hi Johann,
We have implemented to our customer such a way that users from internet and intranet are able to connect using same url using SAP Webdispatcher. Below are the security points were also taken care.
Here i am providing information for two system EP (eg. prodep), SID EPP and EPR (eg.proderp) and SID = PRD
a.) Actual Hostname of Portal system (prodep) shouldn't be viewed in url.
b.) Port information should be hidden in url
c.) Users should be able to access URL from internet and intranet.
To achieve about you need work from Network,Firewall and SAP Basis areas.
1.)Decide on ports to be opened to internet to access EP system. Here I have configured default port 80 in my scenario.
2.) Public IP and Static IP should be resolvable to same hostname for eg.if internet users need to connect from url let say mysapportal.com.
3.) Please reach out you network team to configure DNS in such a way that when you do nslookup
for public ip and static, or webdispatcher hostname you should be able to see mysapportal.com
4.) Maintain below parameters
icm/server_port_0 = PROT=HTTP, PORT=8000
icm/server_port_2 = PROT=HTTP, PORT=80
wdisp/system_0 = SID=PRD, MSHOST=hostname,MSPORT=81nn,PROT=HTTP, SRCURL=/sap/bc;/sap/, SRCSRV=*:8000
wdisp/system_1 = SID=EPP, MSHOST=hostname, MSPORT=81nn,SRCURL=/, SRCSRV=<url to be accessed>:*
5.) Maintain WAS & IT connection details on your webdispatcher hostname and port
Let me know if you need further information and help.
Regards
KSK