• Re: Using Apache2 as proxy to redirect traffic within LAN not working a

    From Vincent “Giantvince1” Meadows@21:1/5 to Vincent Meadows on Sat May 13 22:52:23 2023
    On Wednesday, May 10, 2023 at 3:28:31 PM UTC-5, Vincent Meadows wrote:
    On Wednesday, May 10, 2023 at 1:44:38 PM UTC-5, Marco Moock wrote:
    On 10.05.2023 at 09:34:04, Vincent “Giantvince1” Meadows wrote:

    In my case, when I have this set up in such a manner, it seems to
    only proxy to one machine in particular, regardless of the fact that
    the IP addresses in the proxy rules are pointing to the correct
    machines in each "Server" block in the configs. Can someone please
    help me figure this out? It's driving me nuts!

    Please post your configuration.

    My entire config is below this line. I obfuscated my IPv6 for privacy reasons; my IPv4 addresses are actually private due to only having one public IPv4 and requiring NAT.
    Also, as of right now, I have instigated my router to force IPv6 NAT so that I can avoid the problem for now, since it seems that forcing the router to ALWAYS pick 10.0.0.4 (and the associated IPv6 address) to pass traffic to makes things just *work*.

    <VirtualHost *:80>
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
    </VirtualHost>

    <VirtualHost *:443>
    ServerName pihole.meadowsburklepcrepair.com
    ServerAdmin vin...@villageofgamers.net
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    DocumentRoot /var/www/html/admin
    <Directory "/var/www/html/admin">
    DirectoryIndex index.php
    <RequireAny>
    Require ip 10.0.0.0/24
    Require ip fd00::/64
    </RequireAny>
    </Directory>
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
    </VirtualHost>

    <VirtualHost *:443>
    ServerName dynmap.villageofgamers.net
    ServerAdmin vin...@villageofgamers.net
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    DocumentRoot /var/www/html/dynmap
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
    </VirtualHost>

    <VirtualHost *:443>
    ServerName mail.maxxburkleservices.com
    ServerAdmin vin...@maxxburkleservices.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    <Proxy *>
    <RequireAll>
    Require all granted
    Require not ip 10.0.2.0/24
    </RequireAll>
    </Proxy>
    SSLProxyEngine on
    SSLProxyVerify none
    ProxyPass / https://10.0.0.5/
    ProxyPassReverse / https://10.0.0.5/
    ProxyRequests off
    ProxyPreserveHost on
    RequestHeader set X-Forwarded-Proto https
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
    </VirtualHost>

    <VirtualHost *:443>
    ServerName mail.meadowsburklepcrepair.com
    ServerAdmin vin...@meadowsburklepcrepair.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    <Proxy *>
    <RequireAll>
    Require all granted
    Require not ip 10.0.2.0/24
    </RequireAll>
    </Proxy>
    SSLProxyEngine on
    SSLProxyVerify none
    ProxyPass / https://10.0.0.5/
    ProxyPassReverse / https://10.0.0.5/
    ProxyRequests off
    ProxyPreserveHost on
    RequestHeader set X-Forwarded-Proto https
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
    </VirtualHost>

    <VirtualHost *:443>
    ServerName mail.villageofgamers.net
    ServerAdmin vin...@villageofgamers.net
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    <Proxy *>
    <RequireAll>
    Require all granted
    Require not ip 10.0.2.0/24
    </RequireAll>
    </Proxy>
    SSLProxyEngine on
    SSLProxyVerify none
    ProxyPass / https://10.0.0.5/
    ProxyPassReverse / https://10.0.0.5/
    ProxyRequests off
    ProxyPreserveHost on
    RequestHeader set X-Forwarded-Proto https
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
    </VirtualHost>

    <VirtualHost *:443>
    ServerName maxxburkleservices.com
    ServerAdmin vin...@maxxburkleservices.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    DocumentRoot /var/www/html/redirects
    DirectoryIndex index.php
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
    </VirtualHost>

    <VirtualHost *:443>
    ServerName meadowsburklepcrepair.com
    ServerAdmin vin...@meadowsburklepcrepair.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    DocumentRoot /var/www/html/redirects
    DirectoryIndex index.php
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
    </VirtualHost>

    <VirtualHost *:443>
    ServerName nextcloud.meadowsburklepcrepair.com
    ServerAdmin vin...@meadowsburklepcrepair.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
    </IfModule>
    <Directory /var/www/html/nextcloud>
    <RequireAll>
    Require all granted
    Require not ip 10.0.2.0/24
    </RequireAll>
    DirectoryIndex index.php
    </Directory>
    DocumentRoot /var/www/html/nextcloud
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
    </VirtualHost>

    <VirtualHost *:443>
    ServerName radio.villageofgamers.net
    ServerAdmin vin...@villageofgamers.net
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    SSLProxyEngine on
    SSLProxyVerify none
    ProxyPass / https://127.0.0.1:8443/
    ProxyPassReverse / https://127.0.0.1:8443/
    ProxyRequests off
    ProxyPreserveHost on
    RequestHeader set X-Forwarded-Proto https
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
    </VirtualHost>

    <VirtualHost *:443>
    ServerName support.meadowsburklepcrepair.com
    ServerAdmin vin...@meadowsburklepcrepair.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    <Proxy *>
    <RequireAll>
    Require all granted
    Require not ip 10.0.2.0/24
    </RequireAll>
    </Proxy>
    SSLProxyEngine on
    SSLProxyVerify none
    ProxyPass / https://10.0.0.3/
    ProxyPassReverse / https://10.0.0.3/
    ProxyRequests off
    ProxyPreserveHost on
    RequestHeader set X-Forwarded-Proto https
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
    </VirtualHost>

    <VirtualHost *:443>
    ServerName vaultwarden.meadowsburklepcrepair.com
    ServerAdmin vin...@maxxburkleservices.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    <Proxy *>
    <RequireAll>
    Require all granted
    Require not ip 10.0.2.0/24
    </RequireAll>
    </Proxy>
    SSLProxyEngine on
    SSLProxyVerify none
    ProxyPass / https://10.0.0.3/
    ProxyPassReverse / https://10.0.0.3/
    ProxyRequests off
    ProxyPreserveHost on
    RequestHeader set X-Forwarded-Proto https
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
    </VirtualHost>

    <VirtualHost *:443>
    ServerName villageofgamers.net
    ServerAdmin vin...@villageofgamers.net
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    DocumentRoot /var/www/html/redirects
    DirectoryIndex index.php
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/meadowsburklepcrepair.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/meadowsburklepcrepair.com/privkey.pem
    </VirtualHost>


    I think I got it figured out; for some reason it was only affecting one service within my LAN, a ticketing system known as FreeScout. I have a Vaultwarden instance running on the same server that was on as well, but that has been accessible this whole time, and not getting overrun by my mail server on the next-door-neighbor VM. I'm not sure what would have caused the problems I was seeing, but since FreeScout was not in use in the first place, I just went and got rid of it entirely.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
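
An added example, not part of the original post: a small Python audit for a vhost file shaped like the one quoted above. It maps each `ServerName` to its `ProxyPass` backend and flags backends reached without certificate verification (`SSLProxyVerify none`) or shared by several names; the hostnames in the sample are constructed, and the function names are this example's own.

```python
import re
from collections import defaultdict
# Constructed sample: three vhosts shaped like the ones in the posted config.
SAMPLE_CONF = """
<VirtualHost *:443>
ServerName support.example.test
SSLProxyVerify none
ProxyPass / https://10.0.0.3/
ProxyPreserveHost on
</VirtualHost>
<VirtualHost *:443>
ServerName vault.example.test
SSLProxyVerify none
ProxyPass / https://10.0.0.3/
ProxyPreserveHost on
</VirtualHost>
<VirtualHost *:443>
ServerName www.example.test
DocumentRoot /var/www/html
</VirtualHost>
"""

def parse_vhosts(conf):
    """Return one dict (lower-cased directive -> argument string) per <VirtualHost>."""
    vhosts = []
    for body in re.findall(r"<VirtualHost[^>]*>(.*?)</VirtualHost>", conf, re.S | re.I):
        directives = {}
        for line in body.splitlines():
            parts = line.strip().split(None, 1)
            if len(parts) == 2 and not parts[0].startswith(("<", "#")):
                directives.setdefault(parts[0].lower(), parts[1].strip())  # first wins
        vhosts.append(directives)
    return vhosts

def audit(conf):
    """Map each proxied backend URL to its ServerNames and collect findings."""
    backends, findings = defaultdict(list), []
    for v in parse_vhosts(conf):
        if "proxypass" not in v:
            continue
        name = v.get("servername", "(unnamed)")
        target = v["proxypass"].split()[1]  # assumes the "ProxyPass <path> <url>" form
        backends[target].append(name)
        # Apache's default for SSLProxyVerify is "none", so a missing directive counts.
        if target.startswith("https") and v.get("sslproxyverify", "none").lower() == "none":
            findings.append(f"{name}: backend certificate not verified")
    for target, names in backends.items():
        if len(names) > 1:
            findings.append(f"{target}: shared by {', '.join(names)}; backend must route on Host")
    return dict(backends), findings
```

Running `audit()` over the real file (for example the output of concatenating the enabled site configs) gives a quick table to compare against what each backend actually serves for each Host header.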