Apache NameVirtualHost proxy and IIS 7 with pfSense

I am always hesitating to write an article because after I have found the solution I cannot beleive how hard was to find it. But it is over I must write it down.

I decided to implemet two IIS servers in my network but I have only one public IP address. I think everyone has figured out what was the trouble with this implementation. If do not I tell it.

The main issue with this that I could not reach both servers because of the only one public IP address therefore I have had to implement a router (and of  course a NAT device (actually it is only one device)). In this case I can do a port forwarding for port 80 but I can do this for one IP address.

The case

WAN IP: 1.2.3.4 port 80 Forward to LAN IP: 192.168.1.2 port 80
On 192.168.1.2 might listen an IIS or an Apache on port 80 and if I call this http://1.2.3.4 from the internet I am going to get the default page of the webserver.

BUT, I cannot enable another port forwarding to another server on the same port. It means if I do this above I will not able to reach my other server on 192.168.1.3 on port 80 (this a different webserver in the same LAN). That was the reason why I have had to start thinking. I suggested to use Apache.

Khm. I forgot an important thing: I use pfSense as a router. (pfSense is a freeBsd project, for more information please look at this: http://www.pfsense.org/

Install Apache on pfSense

I connect to my pfSense through SSH so the most simple if you do the same. To this you should allow the connection on you pfSense. Open the web surface and allow the secure shell connection to your router. I am using putty to connect because I am a windows user, therefore I do not have a native ssh client on my machine.

After login a menu appears and here choose menu item 8th. You will get a # (this is your prompt)

Enter: pkg_info (check the installed packages)

Enter: pkg_add apache (I did not have success to install apache from the repository therefore I got a package what was compiled on another freeBsd with the necessary modules. Unfortunatelly this article will not tell the used proceedings regarding this .. sorry folks .. http://www.freebsdmadeeasy.com/tutorials/web-server/configure-apache-web-server-on-freebsd.php)

Configure Apache on pfSense

In case of success lets check the configuration file of apache

The configuration part is founded in: /usr/local/etc/apache22/httpd.conf

1.) Enabling the proxy module insert this line: LoadModules: LoadModule proxy_module libexec/apache22/mod_proxy.so

2.) At the end of the file you can put these lines (of course you should change the host and IP regarding information)

NameVirtualHost *:80

<VirtualHost *:80>
ServerName apple.info
ProxyPass / http://192.168.1.2/
ProxyPreserveHost On
ProxyPassReverse / http://192.168.1.2/
</VirtualHost>

<VirtualHost *:80>
ServerName pear.com
ProxyPass / http://192.168.1.3/
ProxyPreserveHost On
ProxyPassReverse / http://192.168.1.3/
</VirtualHost>

3.) restart your apache: /usr/local/etc/rc.d/apache22 onestart

Create your own port redirection rule

4.) If all right open the web surface of pfSense and redirect your http traffic to your apache. Apache should response your requests because it does the host proxy.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s