I'm not sure if this is what you're looking for, but I use apache as a proxy server using the ProxyPass directive. I have the apache box on a dsl line and a NAT'ed network behind (this could be a DMZ if I had some time and another few computers). When an outside user connects, they see the apache box. Apache proxys them out to an IIS server (or whatever you want) on the NAT'ed network. The user sees nothing... it looks like they're hitting the IIS (or whatever) server directly. Works for SSL too (between the user and the proxy, in my case), you just have to add SSL support to apache. Below are the relevant lines of the httpd.conf file. Hope this helps. adrianat_private LoadModule proxy_module modules/libproxy.so AddModule mod_proxy.c ProxyRequests On # Note addresses changed... NameVirtualHost 1.2.3.4 Listen 1.2.3.4:80 Listen 1.2.3.4:443 # This creates a virtual host that will be proxy'ed to another box. <VirtualHost 1.2.3.4> ServerAdmin webmasterat_private ServerName proxythis.yourdomain.com ProxyPass / http://192.168.1.1/ ProxyPassReverse / http://192.168.1.1/ ErrorLog logs/error_log TransferLog logs/access_log </VirtualHost> # This creates a virtual host for SSL conections. They'll be proxy'ed w/o SSL. VirtualHost 1.2.3.4:443> ServerAdmin webmasterat_private ServerName secure.yourdomain.com ProxyPass / http://192.168.1.1/ ProxyPassReverse / http://192.168.1.1/ SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/yourcert.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/yourkey.key ErrorLog /var/log/httpd/ssl-error_log TransferLog logs/ssl-access_log </VirtualHost> -----Original Message----- From: Scott Saxen [mailto:ssaxenat_private] Sent: Friday, January 07, 2000 4:22 PM To: firewall-wizardsat_private Subject: reverse proxy using apache I am having problems using reverse proxy under apache 1.3.9 I have a client that wants to (being a network engineer I would call it NAT) change the URL or what would be called 'rewrite' I think. So they want the client side to use a url (arbitrary) and send it to the proxy server of which would be apache, then from there it would go to a webserver, which in turn queries some other box. The proxy server is going to sit in the dmz, but in front of the firewall (not sure what kind of firewall and dont think its pertinent to this question). Problem I am having is the rewrite_mod syntax....dont know it. Does anyone have a sample configuration I could mess around with to make this work? Much appreciated..... ssaxenat_private thanks.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:57:03 PDT