Very Computer

I've been charged with the responsibility of creating a reverse proxy
server using Apache on Linux.  This would allow outside vendors to
connect to one of our internal machines in our secure 10.*.*.* network.
  The inside server is running IIS on NT (blech!).  Ideally, we would
map the DNS name to the IP address on the Linux box (in the DMZ, visible
to the outside through the firewall) and from there, the visitor would
be redirected to the inside box.  Obviously, the visitor wouldn't
connect directly, since it's on a 10.*.*.* network and it's behind the
firewall.

I've added this to the httpd.conf file...

ProxyPass / http://10.X.Y.Z/
ProxyReverse / http://10.X.Y.Z/

(IP addresses have been changed to protect identities)

This allows me to connect through the proxy from the inside (rather
useless).  When I try connecting from the outside, my browser hangs on
"Connecting to 10.X.Y.Z" which leads me to believe that I'm being
redirected to that IP address rather than proxied to it.

Am I missing something?  Please be advised that I've never configured
Apache in my life, so I'm kinda flying blind here.  Any help is greatly
appreciated.  Also, if there's a more appropriate group for this
question, please let me know

Thanks,
Ric

PS - If your response could be copied to my email address, I'd greatly
appreciate it.

<Directory proxy:*>
Order allow,deny
Allow from all
</Directory>

ProxyPass / http://10.X.Y.Z/
ProxyPassReverse / http://10.X.Y.Z/

but you probably knew that...

Ric

Quote:> ProxyPass / http://10.X.Y.Z/
> ProxyReverse / http://10.X.Y.Z/
> When I try connecting from the outside, my browser hangs on
> "Connecting to 10.X.Y.Z" which leads me to believe that I'm being
> redirected to that IP address rather than proxied to it.

Just put something in your /etc/hosts, let's say toto:
        10.X.Y.Z        toto

And then use for mod_proxy:
        ProxyPass / http://toto/

Then for ProxyPassReverse, just use the `ServerName` of the next server.

Regards,
--
ASTY Patrick
A.C.I.C.          - Tel +33 (0)1.45.32.37.00

If Windows is the answer, you didn't understand the question.

Ric Rivera a crit :

Quote:

> Hi all... first time posting...

> I've been charged with the responsibility of creating a reverse proxy
> server using Apache on Linux.  This would allow outside vendors to
> connect to one of our internal machines in our secure 10.*.*.* network.
>   The inside server is running IIS on NT (blech!).  Ideally, we would
> map the DNS name to the IP address on the Linux box (in the DMZ, visible
> to the outside through the firewall) and from there, the visitor would
> be redirected to the inside box.  Obviously, the visitor wouldn't
> connect directly, since it's on a 10.*.*.* network and it's behind the
> firewall.

> I've added this to the httpd.conf file...

> ProxyPass / http://10.X.Y.Z/
> ProxyReverse / http://10.X.Y.Z/

> (IP addresses have been changed to protect identities)

> This allows me to connect through the proxy from the inside (rather
> useless).  When I try connecting from the outside, my browser hangs on
> "Connecting to 10.X.Y.Z" which leads me to believe that I'm being
> redirected to that IP address rather than proxied to it.

> Am I missing something?  Please be advised that I've never configured
> Apache in my life, so I'm kinda flying blind here.  Any help is greatly
> appreciated.  Also, if there's a more appropriate group for this
> question, please let me know

> Thanks,
> Ric

> PS - If your response could be copied to my email address, I'd greatly
> appreciate it.

something like

route add  -net 10.X.Y.0 netmask 255.255.255.0 gw 10.X.Y.1 eth0

Try telneting to the port 80 on the IIS box and see if you can get to it
at all.

I do...

--
Jonathan Voigt

www.voicomm.com - Linux/Unix Resources