i want to use wingate to serve as middle man between external and internal network. i am very new to wingate i am facing lot of issue with configuration etc.
reverse proxy
i have only one public ip address on me and multiple internal servers running on port 80 and 443 now i want to map my internal server using url only. internal and extenal servers are https based
https://publicip/webmail should redirect to 192.168.20.1:443
https://publicip/payroll should redirect to 192.168.20.5:443
https://publicip/webmag should redirect to 192.168.20.5:80
forward proxy - i will call my proxy server address to access my external server. it is my application dependency that i can not use proxy server configuration inside application ( redirection is showing external server ip address into address bar and application fails due to it.) i want application should see only internal server not external
https://192.168.20.1/paycheck/default.asp should actually go to https://externalserverip/paycheck/default.asp
https://192.168.20.1/userinit/default.asp should actually go to https://externalserverip/userinit/default.asp
Thanks in Advance
Mahesh
URL Rewrite and multiple servers using reverse proxy
Moderator: Qbik Staff
4 posts
• Page 1 of 1
URL Rewrite and multiple servers using reverse proxy
by maheshmokal » May 09 14 3:06 am
- maheshmokal
- Posts: 3
- Joined: Apr 21 14 9:53 pm
Re: URL Rewrite and multiple servers using reverse proxy
by adrien » May 09 14 12:34 pm
Hi
do you have dns-based host name for your external IP? Or are clients on the internet accessing it using its IP address only (e.g. no name in the URL, just an IP address).
For public access to your site running https, in order to avoid browser warnings, the name in the certificate must match the name of the server that the client thinks it is connecting to.
WinGate is able to accept the connection from the outside with SSL, accept an http request and then connect back to an internal server based on attributes of the request (such as parts of the requested resource). It can connect back in using https or plain http. Policy allows you to specify the back end, and modify requests on a per-request basis.
As for forward proxy, I'm not sure I understand you. If your clients resolve the name to the external IP, and are intercepted outbound (or even not) they will connect to the external interface which would then be reverse proxied back into your network. This should work with a reverse proxy, but won't work with a extended networking port redirect. What problem are you seeing?
Regards
Adrien
do you have dns-based host name for your external IP? Or are clients on the internet accessing it using its IP address only (e.g. no name in the URL, just an IP address).
For public access to your site running https, in order to avoid browser warnings, the name in the certificate must match the name of the server that the client thinks it is connecting to.
WinGate is able to accept the connection from the outside with SSL, accept an http request and then connect back to an internal server based on attributes of the request (such as parts of the requested resource). It can connect back in using https or plain http. Policy allows you to specify the back end, and modify requests on a per-request basis.
As for forward proxy, I'm not sure I understand you. If your clients resolve the name to the external IP, and are intercepted outbound (or even not) they will connect to the external interface which would then be reverse proxied back into your network. This should work with a reverse proxy, but won't work with a extended networking port redirect. What problem are you seeing?
Regards
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: URL Rewrite and multiple servers using reverse proxy
by maheshmokal » May 15 14 10:12 pm
i want to do reverse proxy external servers 57.181.xxx.57 57.181.xxx.58 running web services http and https (80 and 443). my proxy server ip address is 192.168.2.10 now i want to reach to external servers by calling url https://192.168.2.10/paycheck/default.asp and https://192.168.20.1/userinit/default.asp . it is my application dependency that i can not configure Proxy settings inside it like we do for web browser. so i want 192.168.2.10 should give me data from external server(NAT/MAP) .
Redirection fails cause Proxy take request from 192.168.2.10 and redirect it to 57.181.xxx.57 as in return page and on address bar i am getting 57.181.xxx.57 . i have firewall policies to allow traffic of 192.168.xx.xx range only.
i want to do reveres proxy and request should go to appropriate server by looking at url address
https://192.168.2.10/paycheck/default.asp should actually go to https://57.181.xxx.57/paycheck/default.asp
https://192.168.2.10/userinit/default.asp should actually go to https://57.181.xxx.58/userinit/default.asp
note ip address change to match to actual setup, network diagram attached
Redirection fails cause Proxy take request from 192.168.2.10 and redirect it to 57.181.xxx.57 as in return page and on address bar i am getting 57.181.xxx.57 . i have firewall policies to allow traffic of 192.168.xx.xx range only.
i want to do reveres proxy and request should go to appropriate server by looking at url address
https://192.168.2.10/paycheck/default.asp should actually go to https://57.181.xxx.57/paycheck/default.asp
https://192.168.2.10/userinit/default.asp should actually go to https://57.181.xxx.58/userinit/default.asp
note ip address change to match to actual setup, network diagram attached
- Attachments
-
- Drawing1.jpg (126.54 KiB) Viewed 10722 times
- maheshmokal
- Posts: 3
- Joined: Apr 21 14 9:53 pm
Re: URL Rewrite and multiple servers using reverse proxy
by adrien » May 20 14 10:31 am
Hi
ok, this isn't really a reverse proxy scenario. You just want to map 1 host to another.
For this you can use flow-chart policy. For instance check if the URL matches what you want, and overwrite Session.ServerIP.
E.g. have a expression evaluator containing
Session.ServerIP == "192.168.2.10"
in the true case, connect to another expression evaluator (uncheck evaluate to boolean) where you have
Session.ServerIP = "57.181.xxx.57"
This will then check if the requested server is 192.168.2.10, and in that case instead connect to 57.181.xxx.57
Is it true you will be connecting by IP address? You may need to also edit the host header if this should be seen by the receiving server as a name instead of an IP. With an IP address, you can only access the default service on port 80/443, whereas with a name, they can run multiple servers by switching based on the host header.
ok, this isn't really a reverse proxy scenario. You just want to map 1 host to another.
For this you can use flow-chart policy. For instance check if the URL matches what you want, and overwrite Session.ServerIP.
E.g. have a expression evaluator containing
Session.ServerIP == "192.168.2.10"
in the true case, connect to another expression evaluator (uncheck evaluate to boolean) where you have
Session.ServerIP = "57.181.xxx.57"
This will then check if the requested server is 192.168.2.10, and in that case instead connect to 57.181.xxx.57
Is it true you will be connecting by IP address? You may need to also edit the host header if this should be seen by the receiving server as a name instead of an IP. With an IP address, you can only access the default service on port 80/443, whereas with a name, they can run multiple servers by switching based on the host header.
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
4 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 29 guests