[ale] [OT] Inbound web access using pfSense
jhubbslist at att.net
jhubbslist at att.net
Sun Jun 28 01:00:54 EDT 2020
Now that I've got a static IP (just one) I'm starting to work on hosting
my own web servers and the first thing I'm trying to do is make a nginx
and Apache Guacamole rig export Windows Server Remote Desktop sessions
via HTML5 (that's the Guacamole part) out to people who come in with a
URL I give them. I do not yet have internet DNS involved so the URL I
plan to give to one person I want to demonstrate the capability to will
have the form https://<internet_ip_address>/abcd.
I have all this set up behind a pfSense machine. From behind the pfSense
machine, I can point a browser to a URL in the form of
http://<nginx-guac_machine_ip_address>/wxyz, log in to Guacamole, and I
get an RDP session on the adjacent Windows server painted in the browser
window. In fact, I've got nginx where if I start the URL with http: it
will "auto-escalate" to https: using a self-signed certificate. What I'm
unclear about is what needs to happen in pfSense such that 1) someone
over the internet can come in at .../abcd as described above and pfSense
will change that to .../wxyz and 2) the https escalation still gets handled.
I expect that I will be using the nginx-Guacamole server for other
internet-reachable services so I won't want to do anything that will
pave over that flexibility.
- Jeff
More information about the Ale
mailing list