Solved

Forwarding web calls to a second server with a proxy

Posted on 2004-03-31
5
200 Views
Last Modified: 2010-04-09
Hi There,

We're looking into setting up a server in a DMZ that will forward web site requests on to a second server inside our network.  The idea is that nothing's running on the server in the DMZ except this 'proxy' software, so that if the machine gets hacked, we wipe it clean with minimal recovery effort.  

What we want to happen is that a user conncects to the server in the DMZ, and the 'proxy' takes the web requests and forwards it to a web server inside the firewall.   The 'proxy' gets the response back from the web server and sends it back to the calling code.  We don't want to use URL redirection, because the idea is that only the 'proxy' server has permission to contact the web server on the internal network.  It's kinda like an anonymous proxy, but we don't care about hiding the IP Addresses of the connecting clients.  Right now we're looking at handling HTTP and HTTP/S calls

Ideally we're looking for something that runs on a Windows OS.  Is there any way to configure ISA Server or IIS to do this?  Otherwise we'll have to look into putting our ASP code on the DMZ server and connecting to the database inside our network.

Thanks.
0
Comment
Question by:afuchigami
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 7

Expert Comment

by:fim32
ID: 10725711
hmm, apache has this functionality, and runs on windows...
0
 

Author Comment

by:afuchigami
ID: 10726765
It turns out that the ISA Server might have this capability already (reverse proxy).  If so, then we'll go with this approach, as opposed to installing another piece of software (and potentially one more layer to break/get hacked).  I'll check it out and post back later.

Thanks.
0
 

Accepted Solution

by:
afuchigami earned 0 total points
ID: 10727796
ISA Server (which is the evolution from Microsoft Proxy Server 2.0) does indeed support reverse proxying.  In ISA Server, it's called Web Publishing.

There's a good article at http://www.pcquest.com/cgi-bin/printer.asp?id=36168 that goes into more details, including an example of how to configure the ISA server.

I'm going to have this question closed out.

Thanks.

0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to Access NetScaler admin URL from external source 8 1,539
suspending the anti virus 6 152
firewall inside of network 9 83
The endless cat and mouse game of fail2ban 4 146
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question