0

I'm setting up a proxy to let a totally isolated vlan (called VLAN1) to access to another vlan (VLAN2) via proxy.

One server has two NICs : on for VLAN1 (10.1.1.50) and one for VLAN2 (10.1.2.254).

On my VLAN1, I've several server running the SAME web application (for different users) :

  • https: //10.1.1.101/myapp
  • https: //10.1.1.102/myapp
  • https: //10.1.1.103/myapp
  • ...

On my proxy server (10.1.2.254 or 10.1.1.50), on the file /etc/httpd/conf.d/myapp.conf :

ServerName  Proxy-IsolatedNetwork
#
# SSL
#
SSLProxyCheckPeerCN     Off
SSLProxyCheckPeerExpire Off
SSLProxyCheckPeerName   Off
SSLProxyEngine          On
SSLProxyProtocol        All
SSLProxyVerify          optional_no_ca
SSLProxyVerifyDepth     0

#
# Proxy
#
ProxyPreserveHost On

CASE 1

If I write this, it works :

ProxyPass /101 https://10.1.1.101/myapp
ProxyPassReverse /101 https://10.1.1.101/myapp

ProxyPass /myapp https://10.1.1.101/myapp
ProxyPassReverse /myapp https://10.1.1.101/myapp

If we go to https: //10.1.2.254/101, it works, I've access to myapp hosted on https: //10.1.1.101/myapp

BUT

CASE 2

What I would like is :

  • https: //10.1.2.254/101 => https: //10.1.1.101/myapp
  • https: //10.1.2.254/102 => https: //10.1.1.102/myapp
  • https: //10.1.2.254/103 => https: //10.1.1.103/myapp

How to have multiple ProxyPass/ProxyPassReverse working ?

ProxyPass /101 https://10.1.1.101/myapp
ProxyPassReverse /101 https://10.1.1.101/myapp
ProxyPass /myapp https://10.1.1.101/myapp
ProxyPassReverse /myapp https://10.1.1.101/myapp

ProxyPass /102 https://10.1.1.102/myapp
ProxyPassReverse /102 https://10.1.1.102/myapp
ProxyPass /myapp https://10.1.1.102/myapp
ProxyPassReverse /myapp https://10.1.1.102/myapp

ProxyPass /103 https://10.1.1.103/myapp
ProxyPassReverse /103 https://10.1.1.103/myapp
ProxyPass /myapp https://10.1.1.103/myapp
ProxyPassReverse /myapp https://10.1.1.103/myapp
locobastos
  • 15
  • 1
  • 1
  • 8
  • 1
    The mapping of `/101` to `https://10.1.1.101/myapp`, `/102` to `https://10.1.1.102/myapp`, etc, should work the way you've written it. But why do you also have a second set of `ProxyPass` and `ProxyPassreverse` mapping `https://10.1.2.254/myapp` for each one of the three backend servers? That's not going to work. – Jenny D May 29 '18 at 12:40
  • @jenny-d If I map /101 to https://10.1.1.101/myapp as ProxyPass and ProxyPassReverse and not /myapp, the browser show a 404 error : The requested URL /uforge/ was not found on this server. If I add ProxyPass & ProxyPassReverse for /uforge to https://10.1.1.101/myapp, the browser show myapp and everything works. – locobastos May 31 '18 at 11:02
  • the answer is to turn off the ProxyPreserveHost then I can delete all line ProxyPass /myapp & ProxyPassReverse /myapp – locobastos May 31 '18 at 13:51
  • I'm glad you found the solution! If you post it as an answer, you might be able to help someone else who has the same problem. – Jenny D May 31 '18 at 17:22
  • If you have solved your question, write an answer explaining your solution (so that others can learn from it) and accept it. – Sven Mar 26 '19 at 11:27

1 Answers1

0

the answer is to turn off the ProxyPreserveHost then I can delete all line ProxyPass /myapp & ProxyPassReverse /myapp

locobastos
  • 15
  • 1
  • 1
  • 8