No announcement yet.

Orenosp Reverse SSL Proxy

  • Filter
  • Time
  • Show
Clear All
new posts

    Originally posted by Michael McSharry
    I was not aware that RDP was a viable option with W2K Professional. I think the reason you do not have a problem with your links is becase they are all relative to the HS server. In my case each link has a unique server.
    Hi Michael,

    I'm not sure about W2K, sorry. I use only XP Pro. If RDP isn't supported, you could probably try one of the VNC variants...

    As long as you can "remote" into the LAN, then all your links should work as is, correct?



      Yes if I take over a dekstop session the links should be good. I am then using the desktop resources of the targeted LAN computer. What do I need to do differently in SSL Explorer to engage VNC rather than a web server? Since I have multiple LAN PCs I will want to be able to run off of any one of the desktops to deal with failure management concerns.


        I ended up setting up a single site entry for each device on my network. I doubt it will work if you try to use one web server/host and redirect to other hosts on your network. SSL Explorer is doing ip and port translation and then content replacment. With single site it is not doing multiple ip/port to single ip/port translation . That is what that reverse proxy option should do. (And does do in Oreonosp). Once the ip/hostname switches it will break.

        As far as performance and differences between orenosp and ssl explorer. I would sum it up as:

        Performance: Same
        Ease of Use: SSL Explorer (1 hour setup / vs. 6-8 hours)
        Cost: SSL Explorer (free vs $100)
        Options/Features: Orenosp (customizable web pages, working reverse proxy)
        Winner: SSL Explorer (Becuase I am cheap :-) )

        I am using Zonealarm on my PC, I don't think that is my issue though as I only have trouble from work. But I will check into it. Thanks for the tip.



          ZA is giving me fits too, but it seems worse from the WAN. Sometimes it works with ZA enabled, sometimes not. On the LAN, it works much better. With ZA disabled, SSL Explorer works reliably from WAN and LAN. I may try-out some other firewalls. I've read that Outpost is pretty good, as is LookNStop.


          To VNC into any box on your LAN, you will setup a "Web Application" link for each box. First you need to goto "Admin->Configuration->Extension Manager" and install the VNC extension. Then you goto "Admin->Global Resources->Web Applications" to create and configure a shortcut that will run VNC. If you don't have VNC server installed on the LAN computers, I guess you'll need to do that as well? I can't help much with that as I'm not a VNC user...



            You can also use Apache as a reverse proxy for multiple servers/web-services. You can also do SSL, and it's all free. I have a single URL, and if I browse to URL, I get the apache server. If I browse to URL/homeseer, I see homeseer's web interface. If I browse to URL/wireless, I see my wireless router's web interface and so on. It's quite easy to setup on Windows if you use <a href="">WAMP </a>


              I seem to have spoken too soon. I finally got around to setting up 2.0 last night, and it works well so far. The only issue is the web interface doesn't understand URLs very well. If I browse it locally, it understands because the URLs are written as http://localhost/conf, etc. However, if I point to, it doesn't understand. Is there a way to tell it to put a prefixing URL on all requests so that, for example, images will point to, rather than Worse comes to worst I could always try writting an apache rewrite directive to try and overcome it, but they're a pita.


                I am not familiar with Apache. But I think you will need to do the content rewrite. Both orenosp and ssl explorer are doing this as well as the url redirect. It's really one of the key differences between a web server and a reverse proxy. I had the same issues with my tivowebplus. Had to create rewrite statements in orenosp. SSL explorer had all the statments pre-written and worked out-of-box.

                A google search turned this up...




                  The rewrite rules are quite simple (when you've done this a few times!).

                  What exactly do you want?
                  Post your apache conf so I can get a good idea of how you have configured it (or PM it to me if it has sensitive info in it).
                  From there I should be able to make a rewrite rule for you.




                    No, thanks. It's no problem, I can take care of it. Been doin' it for years. I just figured if there was an easy way (like webmin has a directive in its config file to prepend a URL to all replies). The hard part is that I use the apache server itself, proxying only a couple of internal servers, all on the same top-level URL. And, since homeseer thinks it's the top-level url....