Question about forwarding
-
Could somebody explain to me how I accomplish the following task:-
I want to host a number of different web sites on physically different pieces of kit behind a Virgin router. Ordinarily, I would just have 1 web server where I define all my sites. Then I would just use port forwarding to 1 web server. Since I cannot configure the DNS server (123reg) with ports, it's not actually possible to port forward to different local NAT IP addresses depending on what domain is being called externally.
So… I understand that I need a Layer 7 Firewall type thingymajig. Is it possible to configure pfSense so that it sees what domain name is being requested, and then forward to a defined local LAN address? In other words, looks at the HTTP header.
Failing that, does pfSense have its own DNS? And if so, would that even be a solution?
As you can see, I'm not totally up to scratch on this. If somebody could tell me how I do this it would be great.
One option I understand is to run a separate Apache server and do a re-direct. I don't want to do it this way as it involves running yet another server.
-
Is it possible to configure pfSense so that it sees what domain name is being requested, and then forward to a defined local LAN address? In other words, looks at the HTTP header.
This is a job of the webserver and/or reverse proxy… you are trying to solve the problem at the completely wrong place.
-
Take a look at the pfSense Packages (System -> Packages). Proxy Server with mod_security (among others) looks like it might meet the requirement.
-
Take a look at the pfSense Packages (System -> Packages). Proxy Server with mod_security (among others) looks like it might meet the requirement.
Many thanks. I'll take a look.
-
Take a look at the pfSense Packages (System -> Packages). Proxy Server with mod_security (among others) looks like it might meet the requirement.
I have multiple servers running different operating systems. Is 1 web server going to solve this? Actually, it's usually the job of a DNS server to direct to the correct IP. Just I'm not sure it's possible to direct 1 public IP to many NAT IPs.
-
What you want is absolutely not a job for DNS server. You need some webserver with a proxy which will look at the HTTP headers and redirect the requests to appropriate internal servers according to the requested hostname. Simple Apache example:
<VirtualHost *:80>
    ServerName server1.example.com
    ProxyPreserveHost On
    ProxyRequests off
    ProxyPass / http://192.168.1.1/
    ProxyPassReverse / http://192.168.1.1/
</VirtualHost>

<VirtualHost *:80>
    ServerName server2.example.com
    ProxyPreserveHost On
    ProxyRequests off
    ProxyPass / http://192.168.1.2/
    ProxyPassReverse / http://192.168.1.2/
</VirtualHost>

<VirtualHost *:80>
    ServerName server3.example.com
    ProxyPreserveHost On
    ProxyRequests off
    ProxyPass / http://192.168.1.3/
    ProxyPassReverse / http://192.168.1.3/
</VirtualHost>
You forward all requests to port 80 to this server, which deals with the rest.
Reading: http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
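
The routing decision discussed in this thread, as an added example that is not part of any post above: every request arrives on the same public IP and port 80, so only the HTTP Host header tells the sites apart. The hostnames and backend addresses mirror the Apache example; the function names are hypothetical, and refusing unknown or ambiguous Host values is a choice made in this sketch.

```python
# Added example: Host-header routing as a reverse proxy performs it.
# Hostnames and backend addresses mirror the Apache example in the thread.
BACKENDS = {
    "server1.example.com": ("192.168.1.1", 80),
    "server2.example.com": ("192.168.1.2", 80),
    "server3.example.com": ("192.168.1.3", 80),
}


def extract_host(raw_request: bytes):
    """Return the normalised Host header value, or None if absent/ambiguous."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    hosts = []
    for line in head.split("\r\n")[1:]:           # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            hosts.append(value.strip())
    if len(hosts) != 1:                            # missing or duplicated Host
        return None
    host = hosts[0].lower()
    # Drop an optional :port suffix (IPv6 literals are not handled here).
    if ":" in host:
        host = host.rsplit(":", 1)[0]
    host = host.rstrip(".")                        # tolerate a trailing dot
    return host or None


def choose_backend(raw_request: bytes):
    """Map a request to an internal (ip, port), or None to refuse it."""
    host = extract_host(raw_request)
    return BACKENDS.get(host) if host else None


# Constructed sample requests: all arrive on the same public IP and port 80.
SAMPLES = [
    b"GET / HTTP/1.1\r\nHost: server1.example.com\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: SERVER2.example.com:80\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: unknown.example.net\r\n\r\n",
    b"GET / HTTP/1.0\r\n\r\n",
]

if __name__ == "__main__":
    for req in SAMPLES:
        print(extract_host(req), "->", choose_backend(req))
```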