SharePoint Online: Inbound search inquiry

Question

Hi All,

We have setup the hybrid federated search in SharePoint 2016.

Currently Inbound and Outbound is working fine.

When we setup the external site in reverse proxy we only allow IP's coming from Microsoft SharePoint Online only.

When we search using inbound we can see the document (SP on-prem) but we cannot access the document because our IP is blocked.

We tried to allow my IP on the firewall, after allowing it successfully render the files using the Office Online Server configured on SP2016 on-premise.

My question is do we need to allow the site to be published externally? I tried looking for the documentation on this but I cannot find any.

Answer 1

I don't think you need to allow the site to be published externally. According to this article: configure-inbound-connectivity. You could use the External URL for your site. External URL :The endpoint URL of the reverse proxy device that faces the Internet.

There are three site collection strategies:
• Host-named site collection
• Path-based site collection (with AAM)
• Path-based site collection (without AAM)

Assuming that you are configuring a site collection strategy by using a path-based web application with AAM. The default zone the web application is http://sp2016, you could extend the web application to Internet zone and use the External URL as the public url for this zone.

Answer 2

If I'm interpreting your question correctly, your users can execute a search query via SPO but they're unable to render the document. End users are performing that render action (via Office Online Server), not the server-to-server connection. That means your end users must be able to not only access the document itself (i.e. the SharePoint Web Application needs to be accessible), but they also must be able to reach the valid Office Online Server URL.