Reverse Proxy Question



  • I've just setup an OCS server with an edge server so I need to config reverse proxy entries for HTTPS to four internal IP's with my single external IP.

    I installed Mod_Security+Apache+Proxy and configured it to show the fqdn followed by the IP of the backend server (also tried internal fqdn.) I then tried it with the current NAT rule in place (wasn't paying attention) and nothing worked. Noticed I had it setup like that and changed the NAT to direct to the firewall itself. Still nothing.

    Am I doing something wrong? Will this not work? I'd hate to have to replace this firewall with ISA server…..

    Any help would be greatly appreciated!



  • I just tried HAProxy, it allows for much faster access to my exchange server than a simple nat rule, but I can't get it to do this either. I assumed it would proxy but it appears not to. As soon as I add a second server using port 443, I get an SSL Connection Error.

    Has nobody gotten pfSense to work with OCS? I really don't want to touch ISA.



  • We have customers running OCS, but aren't reverse proxying it (via the firewall itself that is). You don't want NAT entries at all for that traffic, but will need firewall rules. And you're working with a very alpha package there, it's almost guaranteed that needs quite a bit more work to be functional.



  • @cmb:

    We have customers running OCS, but aren't reverse proxying it (via the firewall itself that is). You don't want NAT entries at all for that traffic, but will need firewall rules. And you're working with a very alpha package there, it's almost guaranteed that needs quite a bit more work to be functional.

    Thanks for the answer, I guess I'll have to setup an ISA server for the proxy part. Yippy! Another thing to learn! I sure hope this does get worked on, it seems like Microsoft is set in their ways on this! Thanks!



  • HAProxy on works on port 80 to my knowledge so that is why SSL fails. Will load balancing not work instead of Reverse Proxy?


Log in to reply