client behind firewall unable to connect to :2222

max2000 said:
Very nice solution.

Can you post more detailled "how to" please?

Thank you
Click to expand...

Yeah no worries I plan too its just I'm at work at the mo so can't SSH into the httpd.conf files to get exact details.

Cheers
 
Excellent tip. I've had a look but the tip doesn't seem to be quite right for Apache2.

Does anyone have the right settings for Apache2?

update: here's how for Apache2 on DA, as I did it with my Centos 4.2 x64 setup.

Unpack httpd sources, and go to the modules/proxy directory and build the proxy module.

apxs -ciA mod_proxy.c proxy_utils.c
apxs -ciA proxy_http.c

(you should now have 2 new files in /usr/lib/apache: mod_proxy.so and proxy_http.so)

Go to the httpd.conf file and make sure you have 2 new LoadModule entries:

LoadModule proxy_module /usr/lib/apache/mod_proxy.so
LoadModule proxy_http_module /usr/lib/apache/proxy_http.so

Fill in the VirtualHost entries as the 1.3 setup.
 
Last edited:
BTW. If you're running DA in SSL mode (and I think you should, security is good :) ) then you will need to put
Code: 
SSLProxyEngine On
in the VirtualHost with the ProxyPass entries. I have also modified my VirtualHost entry to redirect to the domain name, so the certificate name doesn't get rejected.

Code: 
<VirtualHost |IP|:443>
        ServerName cp.|DOMAIN|

        SSLEngine on
        SSLCertificateFile |CERT|
        SSLCertificateKeyFile |KEY|
        |CAROOT|

        SSLProxyEngine On
        ProxyRequests Off
        ProxyPass / [url]https://|DOMAIN|:2222/[/url]
        ProxyPassReverse / [url]https://|DOMAIN|:2222/[/url]
</VirtualHost>

I'm using Apache2 but this should be fine with the old Apache. Update: forgot to add the certificate. the above works fine.
 
Last edited:
Can you have both access method enable?

can you have cp.domain.com and domain.com:2222 on the same server?
 
hello, after trying to setup cp.domain.com by following the kb but no luck and now apache won't start. the process will stop and i can't access any websites on it. Can someone tell me what to check and how to reverse back?

my server is freebsd 5.3
 
ok, i got it reverse back and now httpd is working.

where do you add

<VirtualHost |IP|:80>
ServerName cp.|DOMAIN|
ProxyRequests Off
ProxyPass / http://localhost:2222/
ProxyPassReverse / http://localhost:2222/
</VirtualHost>

Can someone show me your entire virtual host conf? i don't get where to add

<VirtualHost |IP|:80>
ServerName cp.|DOMAIN|
ProxyRequests Off
ProxyPass / http://localhost:2222/
ProxyPassReverse / http://localhost:2222/
</VirtualHost>

thank
 
you put the new VirtualHost entries in the virtual_host.conf file at the same level as the existing ones. Do not embed them.

ie.

in virtual_host.conf you should have:
Code: 
|?CGI=.... 
|?DOCROOT=...
<VirtualHost |IP|:80>
...
</VirtualHost>
<VirtualHost |IP|:80>
ServerName cp.|DOMAIN|
Proxy stuff
</VirtualHost>
like that - just add your new VirtualHost entry at the bottom.

This is how I do it on Linux, BSD may be different. You'd best ask google if it still doesn't work (and you've checked and re-checked your spelling)
 
gbjbaanb said:
you put the new VirtualHost entries in the virtual_host.conf file at the same level as the existing ones. Do not embed them.

ie.

in virtual_host.conf you should have:
Code: 
|?CGI=.... 
|?DOCROOT=...
<VirtualHost |IP|:80>
...
</VirtualHost>
<VirtualHost |IP|:80>
ServerName cp.|DOMAIN|
Proxy stuff
</VirtualHost>
like that - just add your new VirtualHost entry at the bottom.

This is how I do it on Linux, BSD may be different. You'd best ask google if it still doesn't work (and you've checked and re-checked your spelling)
Click to expand...

ah no wonder. i put it at the very end outside the virtualhost tag
 
I run DA in SSL, using the proxy on port 443 as described above, and I've noticed a problem.

when I log in, I immediately get redirected to the main page in http mode. I've checked DA is configured to use SSL, and the proxies are set up correctly. I can also keep working if I change http to https in the browser.

Does anyone have an ideas why this secure->non secure transition happens? I have a feeling its the DA daemon as sometimes I get redirected to the IP address, which I know DA does to fallback from SSL mode.
 
Sorry, forget the above - I forgot the certificate lines. I've modified my previous post with the full, correct virtualhost setting
 
Thanks for the information about the reverse proxy. Works very well. A note for Apache 1.3 users: remove "SSLProxyEngine On", even when doing https requests.

Brian
 
You must log in or register to reply here.
Back
Top