dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
4107

lacibaci
join:2000-04-10
Export, PA
Technicolor CGA4131
Ubiquiti EdgeRouter ERPro8
Ubiquiti UniFi UAP-AC-PRO

lacibaci

Member

USG50 as SSL (https) proxy

I'd like to configure my USG50 to serve as https proxy. How would I go about it?
Currently I have a web server behind USG that I access via http. I would like to add an option of accessing it also by https but I don't want to change web server config. Is this this possible?
lacibaci

lacibaci

Member

Any advice guys? Basically I would like the USG50 take HTTPS request from WAN and forward it to an HTTP server running behind it.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

Brano to lacibaci

MVM

to lacibaci
You could try SSL VPN in reverse proxy mode. Then the SSL VPN will take care of securing the connection and you'd use regular http to access your server. This may be hit-miss though based on your requirements and server setup complexity.
And you would need to name users and always establish the SSL VPN connection first. PITA in many cases.

The best solution is to properly configure https on the web server and forward port 443 on the USG. With self signed certificates this is typically quite easy on any http server (i.e. apache or IIS). You don't really change anything on the web server other than enabling new method of access (https).

What kind of web server do you run?

lacibaci
join:2000-04-10
Export, PA

lacibaci

Member

I run Apache 2.2 on Windows.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

1 edit

Brano

MVM

Hmm, on windows, eh? I could give you config on linux in no time, however I'm not sure where are all the config files stored on windows.
Basically you need to
- create a self signed certificate or buy a cert from some public CA
- install the certificate
- enable mod_ssl
- enable https virtual host
- restart apache

How about some config examples on windows? »lmgtfy.com/?q=enable+htt ··· windows#

EDIT: Check your install first, https with some dafult example cert may be enabled by default.

lacibaci
join:2000-04-10
Export, PA
Technicolor CGA4131
Ubiquiti EdgeRouter ERPro8
Ubiquiti UniFi UAP-AC-PRO

lacibaci

Member

I followed this how-to:
»www.silverwareconsulting ··· -Windows

Created NAT rule, firewall rule. Piece of cake actually...

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano

MVM

A je to!