Reverse Proxy Guide. Version 2.0 April 2016



Similar documents
Folder Proxy + OWA + ECP/EAC Guide. Version 2.0 April 2016

Device LinkUP + Desktop LP Guide RDP

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access

How to configure the Panda GateDefender Performa explicit proxy in a Local User Database or in a LDAP server

Microsoft Lync Server 2010

Hosted Microsoft Exchange Client Setup & Guide Book

Lepide Active Directory Self Service. Installation Guide. Lepide Active Directory Self Service Tool. Lepide Software Private Limited Page 1

OrgChart Now SSL Certificate Installation. OfficeWork Software LLC

Administrator Guide. v 11

Windows XP Exchange Client Installation Instructions

Reverse Proxy with SSL - ProxySG Technical Brief

HGC SUPERHUB HOSTED EXCHANGE

How to Use Google Cloud Print

Hosted Microsoft Exchange Client Setup & Guide Book

Enroll a Windows Phone 8 Device

Step 1: Checking Computer Network Settings:

DIGIPASS Authentication for Citrix Access Gateway VPN Connections

Polycom CMA System Upgrade Guide

MadCap Software. Upgrading Guide. Pulse

Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication. Mobile App Activation

DEPLOYMENT GUIDE Version 1.1. Deploying the BIG-IP LTM v10 with Citrix Presentation Server 4.5

Using Internet or Windows Explorer to Upload Your Site

PC Monitor Enterprise Server. Setup Guide

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP system v10 with Microsoft Exchange Outlook Web Access 2007

Load Balancing. Outlook Web Access. Web Mail Using Equalizer

Configuring Single Sign-On from the VMware Identity Manager Service to Office 365

Google Cloud Print Setup. User s Guide

Configuring PPP And SIP

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Tableau Server

Application Note. Configuring McAfee Firewall Enterprise for McAfee Web Protection Service

Apache Server Implementation Guide

ProxySG TechBrief Enabling Transparent Authentication

Metalogix Replicator. Quick Start Guide. Publication Date: May 14, 2015

Using Microsoft Expression Web to Upload Your Site

DOSarrest Security Services (DSS) Version 4.0

Implementing SSL Offload with JAGUAR Ver.1.0

How to Configure Active Directory based User Authentication

How to set up Outlook Anywhere on your home system

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

Hyper-V Server 2008 Setup and Configuration Tool Guide

SharePoint Password Change & Expiration 3.0 User Guide

Sophos Mobile Control Installation guide. Product version: 3.5

Sentral servers provide a wide range of services to school networks.

DIGIPASS Authentication for Check Point Connectra

Sophos UTM Web Application Firewall for Microsoft Exchange connectivity

Updated: 7/10/2013 Author: Tim Unten

NSi Mobile Installation Guide. Version 6.2

ProxySG TechBrief Implementing a Reverse Proxy

SMART Vantage. Installation guide

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

USG40HE Content Filter Customization

Exchange 2013 mailbox setup guide

Copyright

How To Set Up A Sartorius Mailbox In Outlook On A Non-Standard Pc On A Windows Xp Oracle 365 On A Pc Oracle365 On A Sertorius Mailbox On A Microsoft Office365 On Pc Orca 2 On A

Configuration Guide. How to Configure SSL VPN Features in DSR Series. Overview

Microsoft SharePoint 2010 Deployment with Coyote Point Equalizer

Creating a User Profile for Outlook 2013

How to Secure a Groove Manager Web Site

How to Configure Outlook Client for Exchange

DAP Proxy Server Configuration. Technical Note

Technical Brief for Windows Home Server Remote Access

CLEO NED Active Directory Integration. Version 1.2.0

Omniquad Exchange Archiving

DIGIPASS Authentication for GajShield GS Series

Sophos Mobile Control Installation prerequisites form

Sophos UTM. Remote Access via PPTP Configuring Remote Client

SIMPLIFY MICROSOFT CRM AND QUICKBOOKS INTEGRATION Microsoft Dynamics CRM Online to QuickBooks Bidirectional

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Salesforce

DIGIPASS Authentication for Windows Logon Product Guide 1.1

Using Remote Web Workplace Version 1.01

Mobile Device Management Version 8. Last updated:

DEPLOYMENT GUIDE. Deploying F5 for High Availability and Scalability of Microsoft Dynamics 4.0

DIGIPASS Authentication for Windows Logon Getting Started Guide 1.1

MicrosoftDynam ics GP TenantServices Installation and Adm inistration Guide

Active Directory Provider User s Guide

CONFIGURATION AND SETUP USER GUIDE AND REFERENCE MANUAL

HTTPS HTTP. ProxySG Web Server. Client. ProxySG TechBrief Reverse Proxy with SSL. 1 Technical Brief

Connection Broker The Leader in Managing Hosted Desktop Infrastructures and Virtual Desktop Infrastructures (HDI and VDI) DNS Setup Guide

Sophos Mobile Control Installation guide. Product version: 3.6

Configuring Single Sign-on from the VMware Identity Manager Service to Dropbox

Sophos UTM. Remote Access via SSL Configuring Remote Client

DIGIPASS as a Service. Google Apps Integration

Sophos UTM. Remote Access via IPsec Configuring Remote Client

LumInsight CMS Installation Guide

User Identification and Authentication

Fujitsu Global Cloud Platform Basic System Setup Windows VM

Professional Mailbox Software Setup Guide

StarWind iscsi SAN Software: Installing StarWind on Windows Server 2008 R2 Server Core

Creating Custom Nameservers Contents

NovaBACKUP xsp Version 15.0 Upgrade Guide

Integration Guide. SafeNet Authentication Service. Using SAS with Web Application Proxy. Technical Manual Template

IIS Reverse Proxy Implementation

Setup Guide: Server-side synchronization for CRM Online and Exchange Server

IDENTIKEY Appliance Administrator Guide

Juniper Networks SSL VPN Implementation Guide

RealPresence Platform Director

M86 Web Filter USER GUIDE for M86 Mobile Security Client. Software Version: Document Version:

How To Set Up A Firewall Enterprise, Multi Firewall Edition And Virtual Firewall

NF1Adv VOIP Setup Guide (for Generic VoIP Setup)

Copyright 2013, 3CX Ltd.

Transcription:

Version 2.0 April 2016 Reverse Proxy Guide

Copyright 2016 iwebgate. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of iwebgate as provided by the explicit terms and conditions of our license agreement. Basic Rights of Use Thank you for choosing iwebgate. Registration of your product is required during the installation process outlined in this document. Registration of a single product entitles you to begin using the product for the specific purposes of the product. Additional licensing might be required to use additional features. For more information about iwebgate, visit us at http://www.iwebgate.com. Trademarks Microsoft, Windows, Windows NT, and Vista are registered trademarks of Microsoft Corporation. Other brand and product names are registered trademarks or trademarks of their respective holders. Statement of Conditions To ensure proper operational function and/or reliability of the product is maintained, iwebgate reserves the right to make changes to the product described within this document, via electronic means or otherwise, without notice. iwebgate does not assume any liability that may occur due to the use, or application of, the product described herein.

Table of Contents Introduction 4 1. Upload Signed Certificate in VSP 4 2. Adding & Changing DNS Entries 6 3. Configure Reverse Proxies in VSP 6 4. Add MFA to the Proxy 11 5. Connect to the Proxy 12

Introduction This guide will show how to use the Virtual Segmentation Platform (VSP) to set up a reverse proxy. The VSP connects to back-end webservers via HTTP or HTTPS, but it will only allow client connections to the Reverse Proxy via HTTPS. The steps for establishing an email proxy with the VSP are: 1. Upload Signed Certificate 2. Add a DNS Entry 3. Configure the Reverse Proxy in VSP 4. Add MFA to the Proxy 5. Connect to the Proxy Since this is a guide of how to setup a reverse proxy, additional information on the VSP can be found in its detailed manuals. Requirements: Certificate/Private Key for the domain of the proxied website signed by a Certificate Authority (e.g. *.p12 or *.pfx) Administrator login credentials to the Virtual Segmentation Platform (VSP) Access to a DNS hosting service 1. Upload Signed Certificate in VSP Log into the Virtual Segmentation Platform (VSP) with your administrator credentials. 4

Click Certificate Manager on the Administration menu of the Virtual Segmentation Platform (VSP). Click Upload Signed Certificate in Certificate Manager. Click Choose File to open File Explorer to select the certificate off your device before clicking Upload. Make sure to assign the certificate by clicking Assign 5

2. Adding & Changing DNS Entries Using your DNS hosting services, create an A-record named vsp and provide your VSP s IP address. The VSP s IP address can be found in the URL of the platform. Change the @ and www records to reflect the VSP s IP address as well. 3. Configure Reverse Proxies in VSP Since the back-end web server has been configured to redirect all requests from http://www.example.com to https://example.com, two reverse proxies need to be created. Reconnect to the VSP in your web browser using the vsp DNS entry previously added (vsp.example.com). 6

Click Reverse Proxy from the Proxy LP menu in the VSP. In Proxy LP s Reverse Proxy main menu, click Add next to Backends. Type a name for the Backend and whether your internal servers are using SSL. The Load Balancing options will take effect if there are more than one server in this backend group. The options for loading balancing are: Round-Robin Least Connected IP-Hash The reverse proxy forwards each request onto the next server in the pool, and treats all servers as equals. Will direct connections to the server with the fewest connections used. This is effective in smoothing distributution when a server becomes bogged down. Ensures that user sessions from the same IP address are sticky to a single backend server. 7

In the Server section of Backends, click Add to input information on a new internal web server. Type the server s IP address and port; select any additional options such as making the backend act as a backup server before clicking OK. When finished adding servers, click Save to return to the Reverse Proxy main screen. 8

In the main Proxy menu, click Add in Frontends. Make sure Host Proxy option is clicked and enter the HTTP proxy information. 1. Type http:// and the domain name in Name. 2. Provide the address URL the proxy will connect to in External Setup - Address. 3. In Port, type the number 80 since the connection is HTTP. 4. Choose a back-end server in Internal Setup - Address. 9

1 2 3 4 After adding the HTTP proxy, click Add in Frontends to enter the HTTPS proxy information. Make sure Host Proxy option is clicked and enter the HTTPS proxy information. 1. Type https:// and the domain name in Name. 2. Provide the address URL the proxy will connect to in External Setup - Address. 3. Type the address for the back-end server in Internal Setup - Address. 4. In Port, type the number 443 since the connection is HTTPS. 10

1 2 3 4 4. Add MFA to the Proxy Proxies can use multi-factor authentication (Google Authenticator) to strengthen the security of the connection. To configure proxy authentication, click Configure MFA in the main Reverse Proxy module. Select the desired 1 st Factor Type. This is the authentication users must first enter to get through to the backend proxy servers. 11

Users accessing the proxy will need to enter the Time Based One-Time Password received through the Google Authethicatior app. 5. Connect to the Proxy Connect to the proxy (example.com) from a web browser. Time-to-live (TTL) determines the length of time that a DNS record is cached. You may have to wait for the TTL of the previous records to expire before being able to connect to your proxy. 12

Version 2.0 April 2016

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information