External access to multiple SSL websites hosted on a sinlge IP address

In my home office, I only have one external IP address available to me.  I want to be able to host more than one SSL based website behind my single IP address.

All the websites will be based around the same domain name (i.e. mail.domain.com, sftp.domain.com etc) but the websites WON'T be hosted on the same server.  For example, the SFTP site will be hosted on an Accellion virtual appliance whereas the MAIL site will be hosted on Exchange CAS server.

Everything is hosted on two vSphere servers so I'm looking for a low cost/free solution on this one.

I've already done some research on this and if the websites are on the same host, it's not too difficult - but that's not my situation.

LVL 23
jakethecatukAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

thetmanvnCommented:
It's not important when the websites are on the same host or not, but the way you want to access it. Example: If you need using SSL websites using all the default port (443) for each website, then you can check whether your firewall support reverse proxy or not.
If not, you can have low cost/free using this case:

If you can invest another server, then buy a new server, if not you can go with virtualization using free vmware server.
Then deploy a Reverse proxy using Apache2 on Linux (Ubuntu, Debian, CentOS,...), it can handle almost request to almost kind of real webserver behind.

0
jakethecatukAuthor Commented:
[my quote]Everything is hosted on two vSphere servers[end quote]
[thetmanvn quote]if not you can go with virtualization using free vmware server[end quote]

ummmmmmmmm - vSphere is the latest version of VMware :)

Thanks for your suggestion of Apache2 on Linux - but I'm looking for a pre-built solution.  I don't want to have to go down the route of doing it myself.  

Ideally, looking for a virtual appliance for this.

0
thetmanvnCommented:
Sorry sir, I just thought about webSphere, so it's my mistake, if you have vSphere installed, it's so great.

There're so many virtual appliance that come with Apache2 and mod_proxy, mod_rewite, mod_ssl enabled, but unfortunately, you must configure virtual host for reverse proxy by hand. Or you can look at commercial appliance as A10, ModSecurityPro,... for Web Reverse Proxy/Load Balancer/Web Application Firewall

But if you want to try with minimum first installation, you can go with ClearOS Virtual Image
http://www.clearfoundation.com/Software/downloads

Then configure the reverse proxy as this thread:
http://forums.whirlpool.net.au/forum-replies.cfm?t=1424346 
0
Discover the Answer to Productive IT

Discover app within WatchGuard's Wi-Fi Cloud helps you optimize W-Fi user experience with the most complete set of visibility, troubleshooting, and network health features. Quickly pinpointing network problems will lead to more happy users and most importantly, productive IT.

bouguiCommented:
The reverse proxy is really the way to go,

Has for multiple HTTPS sites using a single Ip I'm not sure, the only way I would see it is with a wildcard certificate.

The way we do it is with 1 servername like this ssl.domain.com/owa ans ssl.domain.com/site1 and so one and it works.

It's not exactly what you want but with 1 single server certificate it will do the job.  Uou can present several internal site thought   1 reverse proxy server, 1 port  ( 443 ) and 1 ip.

Bye
0
jakethecatukAuthor Commented:
bougui - I explained in my question that the websites won't have the same name, but thanks for your input.

thetmanvn - thanks for the links - but I'm not a linux person so I'm not keen on using ClearOS.  As for the reverse proxy thread, it's not clear and assumes that the person reading it knows Apache.
0
jakethecatukAuthor Commented:
Decided to get additional IP addresses instead...thanks for your input guys.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.