Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Multiple FTP/Web Servers (SOLVED)
  •  
geabaldyvx

Messages: 39
Karma: 0
Send a private message to this user
I am in the middle of a big server move and want to place all of my webservers, email servers etc.. behind one firewall with one IP address... Obviously this means the firewall will have to know what the incoming Domain Name request is and hand it off to the proper server on the inside... does KWF do this? I couldn't find any instances where people had tried but that doesn't mean it isn't possible..

[Updated on: Wed, 15 November 2006 16:46]

  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Not possible.
You can only route (map) incoming traffic based on port-number.
  •  
Kerio_ktrumbull

Messages: 597
Karma: 2
Send a private message to this user
To clarify, you can also route traffic based on IP address. Smile I would recommend that you purchase a separate unique public IP address for each server you are running (as this is common practice). You can then route each public IP to a separate internal server.

Kevin Trumbull
Kerio Technical Support Team Leader
http://support.kerio.com
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
What could be done (but it's rather ugly):

Map different incoming ports on the firewall to the different internal web servers. Then install a webserver on the firewall itself and use that to redirect different domains to the different portnumbers.

This example works obviously only for setups with several web servers, not for other protocols.
  •  
geabaldyvx

Messages: 39
Karma: 0
Send a private message to this user
Doing it the port way though means the end user has to know the ports to request.. I am not seeing an advantage... unless I am missing something in the Apache Documentation when setting up a virtual server..
  •  
geabaldyvx

Messages: 39
Karma: 0
Send a private message to this user
purchasing a seperate IP for each server defeats the purpose in using the firewall in the first place. If I was going to do that I would firewall each machine individually.
  •  
geabaldyvx

Messages: 39
Karma: 0
Send a private message to this user
Ok... I got this up and running last night after reading a ton of stuff for Apache..

So here is the way you have multiple physical webservers at one IP address, behind your KWF.

Download and install Apache 2.2

Edit the httpd.conf file, scroll down the end and add

--
NameVirtualHost <<firewall's IP address>>


<VirtualHost *:*>
ProxyPreserveHost On
ProxyPass / http://<<webserver IP>>/
ProxyPassReverse / http://<<webserver IP>/
ServerName hostname.example.com
</VirtualHost>
--

Now... once you do that it will proxy all incoming traffic for a requested IP to the machine on the inside of the firewall. However, you need to create a new traffic policy allowing port 80 to be open to the internet.

Source: Internet
Destination: Firewall
Service: HTTP
Allow

Works like a champ.. at least for hosting sites behind your firewall with Multiple Servers..



Previous Topic: Paypal: 500 Webinterface Disabled
Next Topic: Issue: SCCP With NAT
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Nov 20 10:19:03 CET 2017

Total time taken to generate the page: 0.00438 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.