Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Web Relay / Proxy

Posted on 2012-03-30
7
Medium Priority
?
515 Views
Last Modified: 2012-04-05
Hello All,

I have a scenario that I am trying to provide a solution for - Users access their email (Lotus Notes) via a Citrix infrastructure, which consists of over 100 servers.  They have a Finance server which sits behind a firewall in a DMZ which hosts a website, they receive emails that contain a URL to this website, when they click this link it opens IE within the Citrix session (with the Citrix server IP Address), and at present this does not work as this port 80 or 443 traffic is blocked by the firewall.

Now we do not want to open up the firewall to the hundreds of Citrix server IP addresses, so what I would prefer is to create some sort of web relay, so that we only have to open up the firewall for the relay server rather than the entire Citrix server estate. Is this possible?

Cheers

V.
0
Comment
Question by:vision_on
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 3

Expert Comment

by:eappiah
ID: 37786068
You could setup a reverse proxy for http/https and only open up communication in the firewall for that server to the dmz server.

Then the citrix servers would access that 1 server.
I'd suggest Apache or IIS for this solution.
0
 
LVL 1

Author Comment

by:vision_on
ID: 37786246
Hello eappiah,

Thanks for your response.  If I were to use IIS to create the reverse proxy, what version of IIS would be required?  I think I only have IIS6 available...

Also would this use the IIS Add-in "Application Request Routing"?

Cheers

V.
0
 
LVL 3

Accepted Solution

by:
eappiah earned 1000 total points
ID: 37786278
I believe the IIS6 does not have this feature inbuilt or you need some 3rd party modules(?!).
Think (as in not sure) you needed a Microsoft ISA Server to get this function.

Only tested this on IIS7 following some guide I googled but I never actully used it for more then in a very small test case.

I only have "real" experience with Apache (mostly on Linux but also windows , it's the same really).
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 1

Author Comment

by:vision_on
ID: 37786325
Yeah thats the conclusion that I have come to, I would need to implement an ISA server, if I can't get IIS 7

For IIS 7 I would also need a Windows 2008 server

Unfortunately Apache is not an option for me in this environment.

Do you have any experience with 3rd party modules that you mention?
0
 
LVL 3

Expert Comment

by:eappiah
ID: 37786347
Nope, none sorry.

It's always been Apache installs for just that reason! Implementing ISA has always been too expensive and to much work. Might be different nowdays ,have not had any customers running ISA for ages...

There's also other webservers/proxys that are not Apache that can be used but I have no experience at all.

You got Linux? You run Apache
You got Windows? You run IIS7 or Apache.
That's what my "world" looks like.
0
 
LVL 2

Expert Comment

by:DangItMarilyn
ID: 37790800
Being that you're on a windows machine already a more simple solution might be to install CCProxy and run everything through their ultrasimple interface. The program runs for years without a hiccup. I've used it on a remote server without issues since 2006 or thereabouts.
0
 
LVL 1

Author Comment

by:vision_on
ID: 37794997
Hello DangitMarilyn,

Thanks for your response, however, I am unable to install such a product in this environment.
Looks like I will need to install ISA or a 2008 webserver...

Cheers
V.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For some reason Google Apps has decided to reserve 'www' for your new domain which results in an error when trying to map the web address 'www' to a certain site in your Google Sites. The error is 'this address is already being used' and after some …
INTRODUCTION The purpose of this document is to demonstrate the Installation and configuration of the Data Protection Manager product. Note that this demonstration was prepared on the basis of Windows OS is 2008 R2 and DPM 2010. DATA PROTECTI…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question