Reverse Proxy

Discuss and get help configuring CacheGuard to protect Web servers
Post Reply
Posts: 1
Joined: 19 May 2016 03:38

Reverse Proxy

Post by HannesKamleitner » 19 May 2016 06:16

Hi @all,

i have the following network configuration - see attachemnt (Network.jpg).

A Record with  exists
A Record with  exists
Trusted Certificates for both Domains exist.
RDWeb on is configured (with certificate) and intern I can access website.
Exchange on is configured (with certificate) and intern I can access website.

All ports from LTE modem are forwarded to CacheGuard Firewall.
From intern Network internet and everything is working.

But I fail to create a reverse proxy that I can access via extern (Internet) over DNS with my RDweb (
or via my Exchange (

Attaced you also will find the current configuration.

Hope, someone can help 

Thanks in advance
(5.78 KiB) Downloaded 216 times
Network.jpg (38.4 KiB) Viewed 2303 times

User avatar
Posts: 157
Joined: 08 Aug 2015 20:38

Re: Reverse Proxy

Post by david » 19 May 2016 08:13

Dear Hannes

I see that you use two backend Web servers for each of your two cloaked websites ( and In your configuration one backend Web server is listening on port 80 and the other on port 443 (which probably uses HTTPS (and not HTTP)).

Please note that when you implement CG as a reverse proxy, it acts as an SSL terminator (offloader) and all communications between CG and backend servers should are done in clear HTTP.

I suggest that you do the following:

- On your CG remove backend Web servers listening on port (443). To do so use the following commands:

Code: Select all

rweb host del 443
rweb host del 443
- On your backend Web servers (, ensure that they listen on port 80 in clear HTTP (maybe you can allow the clear HTTP access for your CG only (

Also if you use signed SSL certificates for your websites think about copying them on your CG and using them in your configuration instead of the default TLS object (see the command tls). You will have to copy all objects related to your certificate: private key, the certificate, the certificate chain if any.

Best Regards,
David Jan
CacheGuard Technical Team

Post Reply