Help setting up reverse proxy virtual host

joe

Well-Known Member
#1
I currently use lsws (which I think is GREAT BTW!) to host a couple of virtual hosts. Now I need access to my desktop windows from remote sites and ssh & RDP are being blocked by good firewall admins with egress filtering. So I'm trying to setup windowsXP RDP terminal server via IIS on a workstation, and I'd like to add this website as a virtual host to my existing lsws. But I'm having trouble with the conf after reading the howto for reverse proxying. Ultimately I want to add SSL to this setup before I'm done, because who trusts MS's security? I currently use OpenSSL for one of my virtual hosts with a self signed cert and I am happy.

Stats:
-using lsws 2.1.5 standard
-have setup a dummy url via my hosts file for now to test a new url of "rdp.mysite.com" as the intended virtual host tartget.
-Have defined a new virtual host "RDP-Web" from a copy of the default virtual host
-in External Apps I've defined a "web server" ext app with address 192.168.1.5:80 which is the ip of the workstation running IIS on port 80

Just to be sure I've defined the ext app under the server and the virtual host.
-defined a script handler for htm extensions which is the doc type the TS web site uses as "web server" handler type.


When I try to reach the virtual host I get a default lsws page which I know comes from the default host config I copied above, and it also means that lsws is correctly redirecting to the virtual host. But its not proxying the requests onto the IIS workstation.

There is a local firewall involved since the lsws box is in my DMZ and the workstation is inside the FW. By the time of this posting I will have ensured that lsws can reach the port required.

What am I missing?
 

mistwang

LiteSpeed Staff
#2
Thank you for using our product and your praise.

Instead of define a script handler for htm, you can let lsws forward all requests for that virtual host to the backend server with Proxy context with URI '/'.

Problem with your current configuration probably is, that when you access http://rdp.mysite.com/, the directory index is index.html by default, so it is not forwarded to the backend, and directory index does not work with reverse proxy when used as a script handler.

Hope that helps.
George Wang
 

joe

Well-Known Member
#4
rats! :?
litespeed proxied just fine, but for anyone attempting to do what I did don't bother, it wont work. Microsoft's Remoe Desktop Web Connection or RDP via IIS does not tunnel the RDP session over port 80. Rather it merely sends the requestor an Activex version of the remote desktop application and "hooks you up" with the target system. Port tcp 3389 still must be open for the session and thus this service cannot be proxied unless you have the ability to tunnel from your local host out. Which if I had, I wouldn't be doing this exercise in the first place...

Next question along these lines is if the litespeed proxy will proxy other applications such as ssh?
 

mistwang

LiteSpeed Staff
#5
Sorry to hear that it is not successful.

LiteSpeed can only proxy HTTP requests, other protocol is not supported. You need to find a ssh web client if you want ssh access through a web server.
 
Top