Redhat linux httpd reverse proxy not working

Skumar_CCSA
Skumar_CCSA used Ask the Experts™
on
Pls help...

User http access : sdm.mnd.com (75.68.129.206, Port 80)
Gateway will NAT the IP address & port to reserve Proxy server IP : 152.210.72.4:10118
RH Linux - Reserse proxy server : 152.210.72.4:10118
RH Linux application server : 152.160.85.4:10021

Verified the application server works well with direct IP.
RH Linux reverse proxy server, verified httpd successfully started.
Configuring reverse proxy settings, it is not working.
Can help me/ advise me what went wrong or to be modified...

User will access the URL http://sdm.mnd.com

Reverse proxy server httpd.conf file

<VirtualHost *:10118>
        ServerAdmin admin@mnd.com
        ProxyRequests off
        ProxyPreserveHost On
        ServerName sdm.mnd.com
        ProxyPass               /        http://152.160.85.4:10021
        ProxyPassReverse        /        http://152.160.85.4:10021
</VirtualHost>


Application server server.xml file

-->
      <Connector port="10021" protocol="HTTP/1.1"
      connectionTimeout="20000"

      redirectPort="8443" URIEncoding="UTF-8" />
   
      <!-- A "Connector" using the shared thread pool-->
   
<!--
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2017

Commented:
You gave an error in your proxy related configuration
Proxypass and proxypassreverse need to be mirror of each other, pointing to the origins

Proxypass /(.*) http://destination/$1
Proxypassreverse http://destination/(.*) http://whatever:10118/$1

The item switches the returned data replacing URLS within such that it can go/flow the site..

Author

Commented:
I added the advised lines but not worked.
Distinguished Expert 2017

Commented:
Log and look at what us going.

You said you are using it as a reverse proxy,

At times, I've seen applications that actually have URLS based on the origin of the request.

Which part is not working, the initial request, or the followup link?
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
my post what I mentioned it worked after adding the value in sepol.

after detailed log study, noticed the httpd not allowing inbound responces but outbound was successful when try backend server URL from web server.

your recommended lines, after adding the web server ip and port we get main page but after entering username and password it redirects to the same main page.
Distinguished Expert 2017

Commented:
Look at the form submission action URL, and whether it that messes things  up.

Author

Commented:
okie.. sure will check.
not sure if rewrite rule etc problem...
I will check
Distinguished Expert 2017

Commented:
The issue you have is the off port.
If you submit the login credentials, depends on where the info is directed and whether it validates/denies or ignores the request by simply returning the main pages as though no login was attempted.

If you internalły go to the URL (edit hosts file to point the domain to the ip directly versus reverse proxy to confirm the functionality is working as expected.

Author

Commented:
I was able to figure out the cause..it is selinux not allowing the inbound connections.
after turnning on seboolean httpd_can_network_connect, able to access the site from outside network.
Thanks Arnold for your responses.
I was able to figure out the cause..it is selinux not allowing the inbound connections.
My initial port reserve proxy settings no changes were made.
After turnning on seboolean httpd_can_network_connect, able to access the site from outside network.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial