OPNsense Forum

Archive => 16.7 Legacy Series => Topic started by: ajhalls on September 24, 2016, 01:06:17 am

Title: Hostname based port forwarding?
Post by: ajhalls on September 24, 2016, 01:06:17 am
I have a few servers at the office and our ISP is refusing to give us more IP addresses. I was hoping to add another server for a Windows Remote Desktop. Is there a way to point http://remotedesktop.myoffice.com to the public IP of the router and have it redirect ALL traffic to an internal address?

The reason I ask (other than what I listed above) is because I wanted to put together a server with multiple virtual machines that would each have their own internal IP, but would all be listening on port :80.

I had tried to do it with an F5 and pfSense, but didn't figure it out and am hoping this would be easier :)

Title: Re: Hostname based port forwarding?
Post by: franco on September 24, 2016, 08:26:47 am
Hi ajhalls,

I think the setup is still the same as pfSense: you need to add a load balancer virtual server that can broker your incoming connection from a shared WAN-IP according to host names. I don't know much about the built-in load balancer so I don't know if that's possible. After some quick research it doesn't look like it.

There's also a HAProxy plugin that could achieve the same, but I think it's more complex.

Otherwise, set up a simple port forward to an internal server that serves as a reverse HTTP proxy from there.


Cheers,
Franco

Title: Re: Hostname based port forwarding?
Post by: bartjsmit on September 24, 2016, 10:42:45 am
If you are going to use a reverse proxy, you may want to consider encryption for something called 'remote desktop' :)

SNI is your friend: https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI

Bart...

Title: Re: Hostname based port forwarding?
Post by: ajhalls on September 26, 2016, 10:31:57 pm
Thanks Franco. I guess I am not seeing the proper workflow here to get something set up. I can set up a pool to listen and forward to a single port, but I was hoping to forward all ports depending on the hostname request.

Under virtual servers I can only tell it which port and pool to use. When I look at Firewall:Rules, I can select a "WAN address" as the source, not sure if that is an IP address or a hostname, but either way there isn't anywhere to type what that IP or hostname would be.

Bartjsmit, thank you so much, that will solve another problem down the road for me.