I need some help with a networking problem I have been working on for a long time now. I'm pretty sure what I want to do can be done but I don't see any good examples of my situation. Here is what I want to do. I have 3 webservers in my house. One for my security cameras, one for my thermastat, and one for my bittorrent client. They are all on seprate IP addresses. I want to be able to access all of them from one external URL/port. My ISP dropps packets from port 80 so that port is out. I can use and access port 443 from just about everywhere. What I'm looking to do is be able to go to my myurl.dnydns.org account URL for all three pages over port 443. So it will look like this. myurl.dyndns.org:443/camera -- for the camera server myurl.dyndns.org:443/hvac -- for the thermostat myurl.dyndns.org:443/bittorrent -- for the bittorrent server From what I have read I think I can do this with the Squid proxy server setup to do a reverse proxy. Can anyone show me how to configure everything so that it works the way I want it to? I will be using the windows version of Squid if it can do it. Also if you know of another way to do this using XP and free software please let me know. I had a similar issue with VNC but I found UltraVNC with its proxy repeater fixed that. I'm looking for something like that solution but for websites.
Seems that you can solve the problem even easier, since they're all on different (external, i assume) IP addresses. First, point your URL to one of the servers, it doesn't really matter which. Second, set up a simple web server (Apache would be the quickest/easiest) to listen to that port. Third, set up a redirect to your other servers for certain URL's. You go to myurl.dyndns.org:443/camera and it simply redirects your browser to the appropriate URL for the camera server. I would say that is the quickest/easiest way to go about getting it setup.
I assume just the opposite: all of the servers are using one external IP address. The easiest solution is to use three different ports, and forward each port via the NAT router to the proper internal IP. Tom
That's what you would assume for a normal home setup... however since he specified three separate IP addresses, i would think he was doing so because it wasn't setup as normal. Your solution there is certainly one i have used before in home setups (for example, setting up remote desktop capabilities for my mom's computer, while also providing access to her Slingbox remotely).
Well my mistake for saying separate IP's I should have said separate boxes or separate internal IP's. I did however manage to get it working the way I wanted to and here is what I did. I found a piece of software called at32 Reverse Proxy. It sits on my main computer and listens on port 443 for a URL like server.home.jaygroh.com:443. Depending on what the server name is it routes it to the appropriate web server. Then on my web host end I created a subdomain of home.jaygroh.com. Then I created CNAME entries for server.home.jaygroh.com and point them to myurl.dyndns.org. So far this setup is working great and I can now access all my internal websites from one port. The only thing that would make this better is if my ISP did not block port 80.
I know LogMeIn and Go To My PC offer a VNC-like experience but they are much better at traversing NAT/firewalls. Also, I think a router like a Linksys WRT54GL flashed to Tomato or DD-WRT can also run Squid as well, so you can leave a computer off - and configure a VPN on it and you'll have something equivalent to a Cisco 800/1800 series router or SonicWALL. Transparent Proxy - DD-WRT Wiki
I use ultravnc with its proxy repeater. Works real well even over slow connections. I use Tomato on my WRT54GL routers but since my security camera PC is on all the time I use it for my NAT and I have it locked down the best I can with xp. I use zonealarm for the firewall and peergaurdian just for that extra layer of protection from the mob. Pluse ja few more security tweaks.
DD-WRT's never failed me in a mixed Mac/XP/Vista enviroment. Now if they can support a Belkin wireless-N router I bought at Costco...
I assume you're on dynamic network space and are thus unsure of what your home external IP is when you're not there? If you could get static space I'd skip the DNS stuff and just use the IP address. I would probably also think of gatewaying everything through forwarded ports via an SSH server, so you only hang one reasonably proven service out there [and not on port 22 so the automated sweepers don't see you] and then all your interaction would be to 127.0.0.1:NNNN/camera and the like. . _H*
