Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Apache reverse proxy without network route to application |
|
| Author |
|
checker
Joined: 05 Dec 2006
Posts: 3
Location: Netherlands Eindhoven
|
 Posted: Tue 05 Dec '06 13:37 Post subject: Apache reverse proxy without network route to application |
 |
|
I have a question about http passthrough for http requests through a VPN connection with an Apache proxy server (see schematic representation):
A----------VPN----------B----------VPN----------C
A= (20 users with different 172.16.x.y ip addresses)
B=(ip adres 192.168.120.10)
C=(ip adres 10.10.30.120)
I have the following problem:
Traffic coming from point A cannot reach point C because of no network route. It is also not possible to permit users from A directly to connect to C because of a policy of the company so the ip address in C cannot be reached from A.
Users in B can only reach the webapplication in C because that policy permit it. They connect with the URL http://timesheet (timesheet has ip address 10.10.30.120 on port 80). It is a web application for users.
Also users in A have full permissions to reach B.
what I think is the solution:
I want to configure an Apache Reverse Proxy in location B so I can redirect http traffic coming from A to C.
Can it be done to configure from with e.g. http://192.168.120.10:8081 from location A (because i configured Apache to run on port 8081?
Can someone help me with my problem or give a hint 
Thank You  |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7298
Location: Germany, Next to Hamburg
|
| Posted: Tue 05 Dec '06 15:59 Post subject: |
|
|
For your apache on B
| Code: |
<VirtualHost *:8081>
ServerAdmin you@whatever.tld
ServerName http://192.168.120.10
ErrorLog C:/server2/logs/sun.error.log
CustomLog C:/server2/logs/sun.access.log common
ProxyPass / http://10.10.30.120/
ProxyPassReverse / http://10.10.30.120/
ProxyHTMLURLMap http://10.10.30.120/ /
<Location />
ProxyPassReverse /
SetOutputFilter proxy-html
ProxyHTMLURLMap / /
ProxyHTMLURLMap / /
RequestHeader unset Accept-Encoding
</Location>
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>
|
requires
| Code: |
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_html_module modules/mod_proxy_html.so
LoadFile C:/server2/apache/bin/libxml2.dll
|
All modules are included in apach, but mod_proxy_html can be found here
http://www.apachelounge.com/download/ |
|
| Back to top |
|
checker
Joined: 05 Dec 2006
Posts: 3
Location: Netherlands Eindhoven
|
| Posted: Wed 06 Dec '06 10:12 Post subject: It works! |
|
|
Hi James Blond,
I really want to thank you for your solution. Thankx for you help 
I have to connect to the website with http://192.168.120.10:8081 but that can be solved to make an entry in the host file of the client. 8081 is the listenport in my apache configuration. It is really amazing what apache can do  |
|
| Back to top |
|
checker
Joined: 05 Dec 2006
Posts: 3
Location: Netherlands Eindhoven
|
| Posted: Thu 07 Dec '06 11:00 Post subject: Proxy Error |
|
|
For some time I have also another problem with the proxy:
Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /.
Reason: Error reading from remote server
I want to mention that i found a solution (hopefully) for this
In the config I added the following 2 lines:
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
I am going to test it now if i still got the error in my browser. I also have read that I need to disable keep-alives in IIS. Unfortunally this is the webserver on location C which I don't have under my control.
Can it also be of a browser bug or something? I have the idea that Internet Explorer 6 has this proxy error more often than browsers like Firefox 2 and Opera 9 |
|
| Back to top |
|
CameronY
Joined: 16 Nov 2006
Posts: 13
Location: Brisbane, Australia
|
| Posted: Tue 29 May '07 5:39 Post subject: |
|
|
Hello all,
Am running 2.2.4 in a Production and QA environments running Windows 2003 SP1 servers.
We are seeing the following in our error logs after reports from our customers of proxy errors.
| Code: | [Tue May 29 12:39:16 2007] [error] [client 222.152.82.75] proxy: error reading status line from remote server 10.223.a.b, referer: https://backoffice.domain.com.au/
[Tue May 29 12:39:16 2007] [error] [client 222.152.82.75] proxy: Error reading from remote server returned by /grid/xsl/taskGrid.jsp, referer: https://backoffice.domain.com.au/ |
Upon perusing the logs, it apparently been happening for some time, but today everyone is being affected.
We use Virtual Hosts (httpd-vhosts.conf) and after reading all of the above am a little unsure where to place the ... | Code: | SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1 |
Where exactly should I place the above SetEnv statements ?? The only place where I can find proxy statements are in the <VirtualHost > container. Below is (in part); my vhosts.conf settings ... | Code: | #backoffice.domain.com.au
<VirtualHost 202.148.x.y:80>
ServerAdmin webmaster@domain.com.au
## DocumentRoot /dummy
ServerName backoffice.domain.com.au
ErrorLog logs/backoffice.domain.com.au/error.log
CustomLog logs/backoffice.domain.com.au/access.log combined env=!image
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [L,R,NC]
</VirtualHost>
#backoffice.domain.com.au
<VirtualHost 202.148.x.y:443>
ServerAdmin webmaster@domain.com.au
## DocumentRoot /dummy
ServerName backoffice.domain.com.au
ErrorLog logs/backoffice.domain.com.au/error.log
CustomLog logs/backoffice.domain.com.au/access.log combined env=!image
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile conf/ssl/backoffice.domain.com.au.crt
SSLCertificateKeyFile conf/ssl/backoffice.domain.com.au.key
SSLCACertificateFile conf/ssl/SGC_SuperCert_Interm_CA.crt
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "c:/apache/cgi">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
ProxyPass / http://10.223.a.b:8080/
ProxyPassReverse / http://10.223.a.b:8080/
</VirtualHost>
#www.backoffice.domain.com.au
<VirtualHost 202.148.x.y:80>
ServerAdmin webmaster@domain.com.au
## DocumentRoot /dummy
ServerName www.backoffice.domain.com.au
ErrorLog logs/backoffice.domain.com.au/error.log
CustomLog logs/backoffice.domain.com.au/access.log combined env=!image
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://backoffice.domain.com.au/$1 [L,R,NC]
</VirtualHost> |
Any assistance appreciated 
Cheers,
Cameron |
|
| Back to top |
|
|
|
|
|
|
