0

I have several web servers in the LAN, addressable as http://serv1.lan/, http://serv2.lan/, etc.

To be addressed from outside the LAN, requests need to be passed through an authentication reverse proxy, such that https://proxy.com/serv1/ be translated into http://serv1.lan/ etc.

What are the regular expression rules needed to effect this conversion? The authentication server is IIS, but the proxy could also implemented in IsapiRewrite (which has a syntax similar to Apache).

aag
  • 407
  • 1
  • 6
  • 17

1 Answers1

1

I would try to avoid rewriting the addresses. The proxy should be perfectly capable of routing the address based on the received host address.

If these are different sites use an external naming scheme like serv1.example.com, serv1.example.com, etc. Configure the authenticating proxy to listen for these names and proxy them to the appropriate sever. Configure the servers with appropriate server aliases.

If you want to use a regex, then you likely want /(serv.)(.*) which would route to http//$1.lan$2.

For microservices, you likely don't want to change the path, so you would route to http:/$1.lan/$1$2 assuming the servername and context path are the same.

BillThor
  • 27,354
  • 3
  • 35
  • 69
  • Thank you BillThor, but the thing is, I cannot use https:://serv1.example.com because the web site does not allow for subdomains. Hence I need to translate the directory of the authentication server into a LAN server as described in the original post. – aag Jun 03 '18 at 17:27
  • @aag Subdomains are just additional sites (domains) or aliases. Last time I worked with IIS I thought it supported multiple sites (domains), Proxy configuration would depend on whether you are using separate sites or aliases..If you have control the DSN for your domain you can use either CNAME or A records to define the subdomains. The mapping you are suggesting may require content rewriting. – BillThor Jun 03 '18 at 22:13
  • True, but the vendor of this domain does not allow for subdomains under this particular pricing scheme. Hence I am stuck with modifying the address mapping. However, if I can manage to figure out the regex and the respective backreferences, it should be as good as subdomains - or at least I hope so. – aag Jun 04 '18 at 11:39