Welcome, Guest. Please login or register.
Did you miss your activation email?
Tuesday 24 December 2024, 08:27:00 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  Proxy does not allow access to name based virtual hosts on VPN
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Proxy does not allow access to name based virtual hosts on VPN  (Read 15537 times)
Mitton Pienaar
Jr. Member
*
Offline Offline

Posts: 2


« on: Monday 15 March 2010, 07:46:16 pm »

Hi,

I'm using Endian Firewall 2.3 at a satellite office and Endian Firewall 2.2 at the main office with a net to net OpenVPN.

We are hosting a number of websites on an Apache 2 server at the main office.

Users can ping the web server.

When the transparent HTTP proxy is enabled at the satellite office, users cannot access web sites hosted at the main office name based virtual hosts.

They can access the organization's main website which is hosted on the same server as the other websites. The main website is the default website on Apache and the first VirtualHost entry in the /etc/apache2/sites-enable/000-default file on the web server.

However, all the other virtual hosts are not accessible.

When I disable the HTTP proxy they can access all the websites.

How can I enable the transparent HTTP proxy and still be able to access these websites?
Logged
Steve
Sr. Member
****
Offline Offline

Posts: 108



WWW
« Reply #1 on: Monday 15 March 2010, 09:33:09 pm »

Run a trace route to see where the traffic is trying to go. It sounds like its DNS related.
Logged

                          
Mitton Pienaar
Jr. Member
*
Offline Offline

Posts: 2


« Reply #2 on: Monday 15 March 2010, 11:47:55 pm »

No, it does not seem to be DNS related.

I can access myorganisationname.com on the server, but not intranet.

The tracert for myorganisationname.com and intranet is exactly the same.

The only difference is that myorganisationname is the first virtual host on Apache. It's on the same server, with the same IP address. The two domain names resolve to the same IP address when pinging.

I think it might be related to cache, where apache caches and squid also caches.

The error message I get is as follows:

ERROR
The requested URL could not be retrieved

While trying to retrieve the URL: http: // intranet/

The following error was encountered:
Access Denied.

Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.063 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com