External access to multiple SSL websites hosted on a sinlge IP address

In my home office, I only have one external IP address available to me.  I want to be able to host more than one SSL based website behind my single IP address.

All the websites will be based around the same domain name (i.e. mail.domain.com, sftp.domain.com etc) but the websites WON'T be hosted on the same server.  For example, the SFTP site will be hosted on an Accellion virtual appliance whereas the MAIL site will be hosted on Exchange CAS server.

Everything is hosted on two vSphere servers so I'm looking for a low cost/free solution on this one.

I've already done some research on this and if the websites are on the same host, it's not too difficult - but that's not my situation.

LVL 23
jakethecatukAsked:
Who is Participating?
 
jakethecatukConnect With a Mentor Author Commented:
Decided to get additional IP addresses instead...thanks for your input guys.
0
 
thetmanvnCommented:
It's not important when the websites are on the same host or not, but the way you want to access it. Example: If you need using SSL websites using all the default port (443) for each website, then you can check whether your firewall support reverse proxy or not.
If not, you can have low cost/free using this case:

If you can invest another server, then buy a new server, if not you can go with virtualization using free vmware server.
Then deploy a Reverse proxy using Apache2 on Linux (Ubuntu, Debian, CentOS,...), it can handle almost request to almost kind of real webserver behind.

0
 
jakethecatukAuthor Commented:
[my quote]Everything is hosted on two vSphere servers[end quote]
[thetmanvn quote]if not you can go with virtualization using free vmware server[end quote]

ummmmmmmmm - vSphere is the latest version of VMware :)

Thanks for your suggestion of Apache2 on Linux - but I'm looking for a pre-built solution.  I don't want to have to go down the route of doing it myself.  

Ideally, looking for a virtual appliance for this.

0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
thetmanvnCommented:
Sorry sir, I just thought about webSphere, so it's my mistake, if you have vSphere installed, it's so great.

There're so many virtual appliance that come with Apache2 and mod_proxy, mod_rewite, mod_ssl enabled, but unfortunately, you must configure virtual host for reverse proxy by hand. Or you can look at commercial appliance as A10, ModSecurityPro,... for Web Reverse Proxy/Load Balancer/Web Application Firewall

But if you want to try with minimum first installation, you can go with ClearOS Virtual Image
http://www.clearfoundation.com/Software/downloads

Then configure the reverse proxy as this thread:
http://forums.whirlpool.net.au/forum-replies.cfm?t=1424346 
0
 
bouguiCommented:
The reverse proxy is really the way to go,

Has for multiple HTTPS sites using a single Ip I'm not sure, the only way I would see it is with a wildcard certificate.

The way we do it is with 1 servername like this ssl.domain.com/owa ans ssl.domain.com/site1 and so one and it works.

It's not exactly what you want but with 1 single server certificate it will do the job.  Uou can present several internal site thought   1 reverse proxy server, 1 port  ( 443 ) and 1 ip.

Bye
0
 
jakethecatukAuthor Commented:
bougui - I explained in my question that the websites won't have the same name, but thanks for your input.

thetmanvn - thanks for the links - but I'm not a linux person so I'm not keen on using ClearOS.  As for the reverse proxy thread, it's not clear and assumes that the person reading it knows Apache.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.