Solved

Web Relay / Proxy

Posted on 2012-03-30
7
500 Views
Last Modified: 2012-04-05
Hello All,

I have a scenario that I am trying to provide a solution for - Users access their email (Lotus Notes) via a Citrix infrastructure, which consists of over 100 servers.  They have a Finance server which sits behind a firewall in a DMZ which hosts a website, they receive emails that contain a URL to this website, when they click this link it opens IE within the Citrix session (with the Citrix server IP Address), and at present this does not work as this port 80 or 443 traffic is blocked by the firewall.

Now we do not want to open up the firewall to the hundreds of Citrix server IP addresses, so what I would prefer is to create some sort of web relay, so that we only have to open up the firewall for the relay server rather than the entire Citrix server estate. Is this possible?

Cheers

V.
0
Comment
Question by:vision_on
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 3

Expert Comment

by:eappiah
ID: 37786068
You could setup a reverse proxy for http/https and only open up communication in the firewall for that server to the dmz server.

Then the citrix servers would access that 1 server.
I'd suggest Apache or IIS for this solution.
0
 
LVL 1

Author Comment

by:vision_on
ID: 37786246
Hello eappiah,

Thanks for your response.  If I were to use IIS to create the reverse proxy, what version of IIS would be required?  I think I only have IIS6 available...

Also would this use the IIS Add-in "Application Request Routing"?

Cheers

V.
0
 
LVL 3

Accepted Solution

by:
eappiah earned 500 total points
ID: 37786278
I believe the IIS6 does not have this feature inbuilt or you need some 3rd party modules(?!).
Think (as in not sure) you needed a Microsoft ISA Server to get this function.

Only tested this on IIS7 following some guide I googled but I never actully used it for more then in a very small test case.

I only have "real" experience with Apache (mostly on Linux but also windows , it's the same really).
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:vision_on
ID: 37786325
Yeah thats the conclusion that I have come to, I would need to implement an ISA server, if I can't get IIS 7

For IIS 7 I would also need a Windows 2008 server

Unfortunately Apache is not an option for me in this environment.

Do you have any experience with 3rd party modules that you mention?
0
 
LVL 3

Expert Comment

by:eappiah
ID: 37786347
Nope, none sorry.

It's always been Apache installs for just that reason! Implementing ISA has always been too expensive and to much work. Might be different nowdays ,have not had any customers running ISA for ages...

There's also other webservers/proxys that are not Apache that can be used but I have no experience at all.

You got Linux? You run Apache
You got Windows? You run IIS7 or Apache.
That's what my "world" looks like.
0
 
LVL 2

Expert Comment

by:DangItMarilyn
ID: 37790800
Being that you're on a windows machine already a more simple solution might be to install CCProxy and run everything through their ultrasimple interface. The program runs for years without a hiccup. I've used it on a remote server without issues since 2006 or thereabouts.
0
 
LVL 1

Author Comment

by:vision_on
ID: 37794997
Hello DangitMarilyn,

Thanks for your response, however, I am unable to install such a product in this environment.
Looks like I will need to install ISA or a 2008 webserver...

Cheers
V.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

INTRODUCTION The purpose of this document is to demonstrate the Installation and configuration of the Data Protection Manager product. Note that this demonstration was prepared on the basis of Windows OS is 2008 R2 and DPM 2010. DATA PROTECTI…
In order to have all security and back ups taken care of, WordPress users can sign up for services with WP Engine.
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question