Configuration for external access
A reverse proxy is a network server that receives all external connections and sends them to the web server. See below how to configure external access to the system:
For external access to work correctly, the system access URL must be interpreted both on the stations and on the application server. To this end, the domain used for external access must be registered in the hosts file of the application server's operating system, pointing to the local IP (or 127.0.0.1).
- Open the hosts file of the SoftExpert Suite server for editing:
# vi /etc/hosts
- And add the access domain line, as in the following example:
127.0.0.1 <externalaccess>.softexpert.com
There cannot be a port change in the NAT configuration. If port 80 is being used in IIS, the firewall must also be directed to port 80. For example, 81 cannot be directed to 80; only equal ports are allowed.
Reverse proxy​
Considering that the DNS to be used externally is sesuite.softexpert.com, this same DNS must respond internally on the proxy server, pointing to the application server where the SoftExpert Suite is installed, as well as resolve the internal IP of this same server on the internal network.
To guarantee this procedure, we can use the HOSTS file of the proxy server and force DNS redirection to the desired (internal) IP. This must also be done on the application server.
Below is an example of the mod_proxy configuration using the sesuite.softexpert.com DNS:
<Proxy \*>
Order deny,allow
Allow from all
</Proxy>
ProxyRequests On
ProxyVia On
ProxyPass /se https://sesuite.softexpert.com/se
ProxyPassReverse /se https://sesuite.softexpert.com/se
ProxyPass /softexpert https://sesuite.softexpert.com/softexpert
ProxyPassReverse /softexpert https://sesuite.softexpert.com/softexpert
Below is a diagram for this scheme:
