| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| configure_apache_virtual_host_ubuntu_server_act_proxy_origin_iis_same_local_network [2023/07/17 03:40] – wikiadmin | configure_apache_virtual_host_ubuntu_server_act_proxy_origin_iis_same_local_network [2023/07/17 05:05] (current) – wikiadmin |
|---|
| Let's say you have two servers within a local area network, each of which is behind (on the "backend" or LAN-side) of the same network router that has only one public static IP address configured on the WAN side (frontend) of that router. Furthermore, let's say the operating system on one of those servers is Ubuntu Server 22.04 LTS running Apache2 webserver and hosting various websites and apps, and that the operating system on the other server is Microsoft Windows Server 2012 or 2019 running IIS 10 web server installed, and hosting various websites. Both web servers are listening on TCP ports 80 and 443; however, the network router can only be configured to port forward TCP ports 80 and 443 to one server on the LAN. Each of these two servers is obviously bind to separate local network IP addresses (not routable on the internet), and the local network is, for our example, configured for 192.168.1.0/24. | Let's say you have two servers within a local area network, each of which is behind (on the "backend" or LAN-side) of the same network router that has only one public static IP address configured on the WAN side (frontend) of that router. Furthermore, let's say the operating system on one of those servers is Ubuntu Server 22.04 LTS running Apache2 webserver and hosting various websites and apps, and that the operating system on the other server is Microsoft Windows Server 2012 or 2019 running IIS 10 web server installed, and hosting various websites. Both web servers are listening on TCP ports 80 and 443; however, the network router can only be configured to port forward TCP ports 80 and 443 to one server on the LAN. Each of these two servers is obviously bind to separate local network IP addresses (not routable on the internet), and the local network is, for our example, configured for 192.168.1.0/24. |
| |
| **Our Goal? We want to be able to host and publicly serve websites from both webservers from the single static public IP address configured on the WAN side of the router.** | **Our Goal? We want to be able to host and publicly serve websites from each of the two webservers from the single static public IP address configured on the WAN side of the router.** |
| |
| The problem is that the router can only port forward the standard Web TCP ports 80 (http) and 443 (https) to a single local IP address that is bind to one of the two webservers on the backend. | The problem is that the router can only port forward the standard Web TCP ports 80 (http) and 443 (https) to a single local IP address that is bind to one of the two webservers on the backend. |
| ProxyPreserveHost On | ProxyPreserveHost On |
| ProxyPass "/" "http://yourhostname.yourdomain.lan/" | ProxyPass "/" "http://yourhostname.yourdomain.lan/" |
| ProxyPassReverse "/" "yourhostname.yourdomain.lan/" | ProxyPassReverse "/" "http://yourhostname.yourdomain.lan/" |
| |
| <IfModule mod_headers.c> | <IfModule mod_headers.c> |
| </code> | </code> |
| |
| Now, we must add DNS-type address records so that the Ubuntu / Apache server can locate the local network IP address of the Windows IIS server that you specified as "yourhostname.yourdomain.lan" in the Ubuntu Apache virtual host file. In other words, in order for the apache proxy to locate the IIS-hosted website "yourhostname.yourdomain.lan" within the local network, entries must be made to the Ubuntu 'hosts' file and/or the locally accessible DNS service on the Ubuntu or Windows servers. It is recommended here to merely place the LAN address records in the Ubuntu "hosts" file that will resolve the Local Network IP location of the Windows IIS-hosted origin website(s). | Now, we must add DNS-type address records so that the Ubuntu / Apache web server can locate the local network IP address of the Windows IIS server that you specified as "yourhostname.yourdomain.lan" in the Ubuntu / Apache virtual host file. In other words, in order for the apache proxy to locate the IIS-hosted website "yourhostname.yourdomain.lan" within the local network, entries must be made to the Ubuntu 'hosts' file and/or the locally accessible DNS service on the Ubuntu or Windows servers. It is recommended here to merely place the LAN address records in the Ubuntu "hosts" file that will resolve the Local Network IP location of the Windows IIS-hosted origin website(s). |
| |
| The Ubuntu server's 'hosts' file is located in the /etc/ directory. SSH into the Ubuntu server and navigate to the /etc/ directory where you can edit the 'hosts' file using vim or nano (or your favorite text editor) and then insert one or more address entries ("A" records) that point to the local area network IP address of the IIS webserver (in our example, that is IP 192.168.1.64) where the origin website(s) is/are hosted, as follows: | The Ubuntu server's 'hosts' file is located in the /etc/ directory. SSH into the Ubuntu server and navigate to the /etc/ directory where you can edit the 'hosts' file using vim or nano (or your favorite text editor) and then insert one or more address entries ("A" records) that point to the local area network IP address of the IIS webserver (in our example, that is IP 192.168.1.64) where the origin website(s) is/are hosted, as follows: |
| </code> | </code> |
| |
| After these changes are made to the 'hosts' file, when the Apache webserver virtual host file is looking for the address where yourhostname.yourdomain.lan is located, the 'hosts' file entries will resolve the local address location of the IIS server and its respective configured website(s) at IP address 192.168.1.64. Note that these LAN IP address blocks are not routable on the public internet. They are reserved for use on local area intranets. | After these changes are made to the 'hosts' file, when the Apache webserver virtual host file is looking for the address where yourhostname.yourdomain.lan is located, the 'hosts' file entries will resolve the local address location of the IIS server and its respective configured website(s) at IP address 192.168.1.64. Note that these IP Version 4 LAN IP address blocks, like 192.168.xxx.xxx, are not routable on the public internet. They are reserved for use on local area intranets. |
| |
| Here are some crude (imperfect) DNS zones and DNS records that you may add to your DNS service. **I MUST TELL YOU THAT the entries to the 'hosts' file records worked for me, but the DNS LAN zone and LAN address records ALONE DID NOT WORK FOR ME.** | Here are some crude (imperfect) DNS zones and DNS records that you may add to your DNS service. **I MUST TELL YOU THAT the entries to the 'hosts' file records worked for me, but the DNS LAN zone and LAN address records ALONE DID NOT WORK FOR ME.** Apache Virtual Host could not resolve and proxy the IIS website even though I entered LAN zones and address records in the Windows DNS service and I configured the "net plan" configuration for Ubuntu to set its static LAN IP and added the Windows DNS server as one of the Ubuntu Servers' DNS resolvers. |
| |
| You may also create forward lan and reverse lan DNS zones in, for example, the Windows server's DNS service, or in the DNS BIND service that can install on the Ubuntu server, provided that the location of these DNS (nameservers) are also configured in the NetPlan local static IP address of the Ubuntu server. One or more DNS "A" record address entries in our new 'domain.lan' forward zone might, for example, be as follows: | You may also create forward lan and reverse lan DNS zones in, for example, the Windows server's DNS service, or in the DNS BIND service that can install on the Ubuntu server, provided that the location of these DNS (nameservers) are also configured in the NetPlan local static IP address of the Ubuntu server. One or more DNS "A" record address entries in our new 'domain.lan' forward zone might, for example, be as follows: |
