We are in production where we have two urls one for intranet(tableau.XXX.com) and other one is for external user-internet(tableauweb.XXX.com). We have apache webserver in DMZ which for external url with SSO enabled. Even though we have configured reverse proxy on Apache server in DMZ to reroute request to internal app(please see the below), when user access external url tableau return back to only internal url. But we want to retrain external url. Exposing internal url is security risk for us. This is one of road block for us to open up application externally.