httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul Cocker" <paul.coc...@tntpost.co.uk>
Subject RE: [users@httpd] Redirecting to internal server
Date Wed, 28 Nov 2007 16:30:09 GMT
I have managed to fix this (was indeed an issue with the DMZ-Internal
router) and the proxy is working brilliantly. Many thanks to those who
chipped in :)

I have run into a new issue. To secure the resources found on this page
we were intended to use NTLM authentication, seeing as how the resources
are on a Windows server. This would be a quick and easy way of
protecting the resources. However, while I am prompted to enter a
username and password, it is never accepted despite the credentials
being correct.

When I try to access the resources direct (bypassing the Apache proxy)
it works fine.

Will this Proxy method (or Apache?) not work with this NTLM
authentication? 


Paul Cocker
IT Systems Administrator
IT Security Officer

01628 81(6647)

TNT Post
1 Globeside Business Park
Fieldhouse Lane
Marlow
Bucks
SL7 1HY

-----Original Message-----
From: Paul Cocker [mailto:paul.cocker@tntpost.co.uk] 
Sent: 28 November 2007 15:44
To: users@httpd.apache.org
Subject: RE: [users@httpd] Redirecting to internal server

This error has only started occurring (when trying to access the
relevant folder) after the proxy lines were added to the virtual host.
Before then it simply tried to find that folder and failed, so this is
progress! :)

What I want to clarify is whether a 502 can mean "no response" as well
as "I reached it, but didn't understand it". I can't seem to telnet from
the DMZ server to the internal one on port 80, so I suspect a routing
issue, but I want to confirm.


Paul Cocker
IT Systems Administrator
IT Security Officer

01628 81(6647)

TNT Post
1 Globeside Business Park
Fieldhouse Lane
Marlow
Bucks
SL7 1HY

-----Original Message-----
From: David Cassidy [mailto:david@twocats.co.uk]
Sent: 28 November 2007 15:11
To: users@httpd.apache.org
Subject: RE: [users@httpd] Redirecting to internal server

Yes such errors would go direct to the client unless you do something on
apache to send back something else.

Turn up your proxy logging and you can see what IIS is sending back.
You might want to check you are doing proxying and not re-directing...



On Wed, 2007-11-28 at 15:08 +0000, Paul Cocker wrote:
> The proxy is currently registering a 502 Bad Gateway error. Is a 
> failure to reach the internal server the most likely cause, or are 
> there issues with communication between Apache 2.0.59 and IIS 6 which 
> can cause this to occur? For example, attempting to access the default

> page would get you the error:
> 
> Directory Listing Denied
> This Virtual Directory does not allow contents to be listed.
> 
> Would such errors be directly relayed to the client? 
>  
> 
> Paul Cocker
> IT Systems Administrator
> IT Security Officer
> 
> 01628 81(6647)
> 
> TNT Post
> 1 Globeside Business Park
> Fieldhouse Lane
> Marlow
> Bucks
> SL7 1HY
> 
>  
> 
> ________________________________
> 
> From: Victor Trac [mailto:victor.trac@gmail.com]
> Sent: 28 November 2007 14:29
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Redirecting to internal server
> 
> 
> On Nov 28, 2007 12:28 PM, Paul Cocker <paul.cocker@tntpost.co.uk>
wrote:
> 
> 
> 	Thanks, you're right, not only was it the wrong block it was the

> wrong
> 	config file. I forgot that when we upgraded Apache we used the
new
> 	config locations but didn't delete the old configs "just in
case".
> 	
> 	The proxy element is now working alas I have a new and exciting 
> problem,
> 	but it's one outside the scope of this list so thanks for your
> 	assistance. With time I hope I'll be more confident in my own 
> diagnosis
> 	of the problem :)
> 	
> 	One question, when acting as a reverse proxy what does Apache
use as 
> a
> 	source port, anything above 1023?
> 	
> 
> 
> 	Paul Cocker
> 	IT Systems Administrator
> 	
> 	IT Security Officer
> 	
> 	01628 81(6647)
> 	
> 	TNT Post
> 	
> 	1 Globeside Business Park
> 	Fieldhouse Lane
> 	Marlow
> 	
> 	Bucks
> 	SL7 1HY
> 	
> 
> 
> 
> Yup, apache just uses a free, non-privileged port. 
> 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org





TNT Post is the trading name for TNT Post UK Ltd (company number:
04417047), TNT Post (Doordrop Media) Ltd (00613278), TNT Post Scotland
Ltd (05695897),TNT Post North Ltd (05701709) and TNT Post South West Ltd
(05983401). Emma's Diary and Lifecycle are trading names for Lifecycle
Marketing (Mother and Baby) Ltd (02556692). All companies are registered
in England and Wales; registered address: 1 Globeside Business Park,
Fieldhouse Lane, Marlow, Buckinghamshire, SL7 1HY.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org





TNT Post is the trading name for TNT Post UK Ltd (company number: 04417047), TNT Post (Doordrop
Media) Ltd (00613278), TNT Post Scotland Ltd (05695897),TNT Post North Ltd (05701709) and
TNT Post South West Ltd (05983401). Emma's Diary and Lifecycle are trading names for Lifecycle
Marketing (Mother and Baby) Ltd (02556692). All companies are registered in England and Wales;
registered address: 1 Globeside Business Park, Fieldhouse Lane, Marlow, Buckinghamshire, SL7
1HY.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message