Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4
timmmay
16536 posts

Uber Geek

Trusted
Subscriber

  #1569204 10-Jun-2016 10:16
Send private message

Paul1977:

 

timmmay:

 

You may be ok with one IP. Does ActiveSync address the server by domain name or by IP?

 

 

By domain name, but I'd still need a reverse proxy for this to work wouldn't I since ports 80 and 443 need to be forwarded to different internal servers depending on the requested URL?

 

I was hoping it might be possible to avoid needing a reverse proxy by having multiple public IPs.

 

 

Well, you can't easily get more static IPs, so a reverse proxy seems to be the answer. It's easy to put an Nginx server in your DMZ then proxy_pass requests through to private internal IPs based on the domain name or domain + path requested.


Paul1977

3442 posts

Uber Geek


  #1569224 10-Jun-2016 10:30
Send private message

timmmay:

 

Paul1977:

 

timmmay:

 

You may be ok with one IP. Does ActiveSync address the server by domain name or by IP?

 

 

By domain name, but I'd still need a reverse proxy for this to work wouldn't I since ports 80 and 443 need to be forwarded to different internal servers depending on the requested URL?

 

I was hoping it might be possible to avoid needing a reverse proxy by having multiple public IPs.

 

 

Well, you can't easily get more static IPs, so a reverse proxy seems to be the answer. It's easy to put an Nginx server in your DMZ then proxy_pass requests through to private internal IPs based on the domain name or domain + path requested.

 

 

Yeah, looks that way :(

 

I'm not a linux man at all, so I think some reading will be required!


 
 
 
 


timmmay
16536 posts

Uber Geek

Trusted
Subscriber

  #1569227 10-Jun-2016 10:36
Send private message

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.


ajobbins
Awesome
4891 posts

Uber Geek

Trusted
Subscriber

  #1569228 10-Jun-2016 10:36
Send private message

I run Apache on windows for my reverse proxy at home. Pretty easy to configure, lots of online support and it's very lightweight.

 

I was using IIS but that is a lot heavier, and the machine I was running it on is very low spec so Apache runs much better.





Twitter: ajobbins


timmmay
16536 posts

Uber Geek

Trusted
Subscriber

  #1569229 10-Jun-2016 10:40
Send private message

Nginx is super lightweight, fast, scalable, and easy to set up compared with Apache. It uses around 10MB of RAM and little CPU. I run Nginx on my website, which isn't high volume but gets millions of hits per month. I prefer it to Apache.


Paul1977

3442 posts

Uber Geek


  #1569251 10-Jun-2016 11:08
Send private message

timmmay:

 

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.

 

 

I'll give it a try myself first.

 

Can I just use Ubuntu Desktop? I assume it's just NGINX Open Source that I want, not NGINX Plus?


darylblake
1028 posts

Uber Geek

Trusted

  #1569256 10-Jun-2016 11:22
Send private message

Use Ubuntu server 14.04LTS or 16.04LTS, centos 7 or Debian 8. Don't use desktop OS.

Are you using UFB? I could get one of the sales guys here to quote you a multi IP solution over UFB if you think it would be easier.

 
 
 
 


Paul1977

3442 posts

Uber Geek


  #1569259 10-Jun-2016 11:25
Send private message

darylblake: Use Ubuntu server 14.04LTS or 16.04LTS, centos 7 or Debian 8. Don't use desktop OS.

Are you using UFB? I could get one of the sales guys here to quote you a multi IP solution over UFB if you think it would be easier.

 

Multi IP would be easier, but would rather not have to change providers if possible. I'll see how this goes first.

 

Thanks


deadlyllama
1019 posts

Uber Geek


  #1569275 10-Jun-2016 11:41
Send private message

Paul1977:

 

timmmay:

 

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.

 

 

I'll give it a try myself first.

 

Can I just use Ubuntu Desktop? I assume it's just NGINX Open Source that I want, not NGINX Plus?

 

 

You usually install Linux software, if at all possible, with the package manager.  In ubuntu desktop that's "Software Center."  Search in there for nginx.


darylblake
1028 posts

Uber Geek

Trusted

  #1569277 10-Jun-2016 11:43
Send private message

No worries mate.

Heres a config yo get you started.. I have not tested it all but you should be able to get a rough idea.

 

I would do a minimum install of Ubuntu server 16.04. 

 

apt-get update it to latest repos.

 

then sudo apt-get install nginx

 

Then i would use a config like this: 

 

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

 

events {
worker_connections 1024;
}

 

http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

 

access_log /var/log/nginx/access.log main;

 

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;

 

include /etc/nginx/mime.types;
default_type application/octet-stream;

 

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

 

#port 80 config
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass http://internal.webserver.mycompany.com:80/;
}
error_page 404 /404.html;
location = /40x.html {
}

 

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

 

#FTP port 443 config
server {
listen 443 default_server;
listen [::]:443 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass https://internal.webserver.mycompany.com/:443;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

 

#FTP port 21 config
server {
listen 21 default_server;
listen [::]:21 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass ftp://internalftpserver.mycompany.com:21/;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}

 

 

 

dont take it as gospel, but it should be enough to give you an idea on how to do it. 


deadlyllama
1019 posts

Uber Geek


  #1569279 10-Jun-2016 11:44
Send private message

deadlyllama:

 

Paul1977:

 

timmmay:

 

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.

 

 

I'll give it a try myself first.

 

Can I just use Ubuntu Desktop? I assume it's just NGINX Open Source that I want, not NGINX Plus?

 

 

You usually install Linux software, if at all possible, with the package manager.  In ubuntu desktop that's "Software Center."  Search in there for nginx.

 

 

<sales>And if you need a consultant to set it up for you, I could build you an haproxy setup.  It's what we use for our customer hosting system, it's pretty simple, and even possible to stick SSL webservers behind it.</sales>


Paul1977

3442 posts

Uber Geek


  #1569330 10-Jun-2016 11:55
Send private message

darylblake:

 

No worries mate.

Heres a config yo get you started.. I have not tested it all but you should be able to get a rough idea.

 

I would do a minimum install of Ubuntu server 16.04. 

 

apt-get update it to latest repos.

 

then sudo apt-get install nginx

 

Then i would use a config like this: 

 

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

 

events {
worker_connections 1024;
}

 

http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

 

access_log /var/log/nginx/access.log main;

 

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;

 

include /etc/nginx/mime.types;
default_type application/octet-stream;

 

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

 

#port 80 config
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass http://internal.webserver.mycompany.com:80/;
}
error_page 404 /404.html;
location = /40x.html {
}

 

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

 

#FTP port 443 config
server {
listen 443 default_server;
listen [::]:443 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass https://internal.webserver.mycompany.com/:443;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

 

#FTP port 21 config
server {
listen 21 default_server;
listen [::]:21 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass ftp://internalftpserver.mycompany.com:21/;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}

 

 

 

dont take it as gospel, but it should be enough to give you an idea on how to do it. 

 

 

Thanks Daryl, much appreciated. Just installing Ubuntu now, so I let you know how I get on.


Paul1977

3442 posts

Uber Geek


  #1569331 10-Jun-2016 12:00
Send private message

deadlyllama:

 

Paul1977:

 

timmmay:

 

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.

 

 

I'll give it a try myself first.

 

Can I just use Ubuntu Desktop? I assume it's just NGINX Open Source that I want, not NGINX Plus?

 

 

You usually install Linux software, if at all possible, with the package manager.  In ubuntu desktop that's "Software Center."  Search in there for nginx.

 

 

Thanks


Zeon
3645 posts

Uber Geek

Trusted

  #1569332 10-Jun-2016 12:00
Send private message

Paul1977:

 

darylblake: The other option is you could buy more IP's.

 

This seemed like a good idea, but Spark have come back and said "We can only assign one Static IP to each broadband connection I am afraid. This is a system issue, not a business rule."

 

I tend to take what Spark first level support tell me with a grain of salt, as I have been given incorrect info in the past.

 

Can anyone confirm if the above is definitely the case? @cbrpilot do you have any knowledge about this?

 

Thanks

 

 

 

 

Seriously - why make your life so much harder because you have a crappy ISP who cannot offer basic features a business ISP should be able to? Virtually every business ISP should be able to provide multiple static IPv4 (we had a routed /29 subnet over VDSL once with Unleash). 2degrees/Snap definitely does this also as I am sure DTS etc. do too.

 

 

 

They should all be able to offer you a decent size IPv6 subnet. If the mobile carriers deployed IPv6 you could almost get away with running activesync IPv6 only..





Speedtest 2019-10-14


Paul1977

3442 posts

Uber Geek


  #1569339 10-Jun-2016 12:07
Send private message

Zeon:

 

Paul1977:

 

darylblake: The other option is you could buy more IP's.

 

This seemed like a good idea, but Spark have come back and said "We can only assign one Static IP to each broadband connection I am afraid. This is a system issue, not a business rule."

 

I tend to take what Spark first level support tell me with a grain of salt, as I have been given incorrect info in the past.

 

Can anyone confirm if the above is definitely the case? @cbrpilot do you have any knowledge about this?

 

Thanks

 

 

Seriously - why make your life so much harder because you have a crappy ISP who cannot offer basic features a business ISP should be able to? Virtually every business ISP should be able to provide multiple static IPv4 (we had a routed /29 subnet over VDSL once with Unleash). 2degrees/Snap definitely does this also as I am sure DTS etc. do too.

 

 They should all be able to offer you a decent size IPv6 subnet. If the mobile carriers deployed IPv6 you could almost get away with running activesync IPv6 only..

 

 

It's surprising that Spark don't do it when others do. But right now it's a matter of weighing up which is more of a pain, changing ISPs or getting a reverse proxy working.


1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic





News »

Huawei launches IdeaHub Pro in New Zealand
Posted 27-Oct-2020 16:41


Southland-based IT specialist providing virtual services worldwide
Posted 27-Oct-2020 15:55


NASA discovers water on sunlit surface of Moon
Posted 27-Oct-2020 08:30


Huawei introduces new features to Petal Search, Maps and Docs
Posted 26-Oct-2020 18:05


Nokia selected by NASA to build first ever cellular network on the Moon
Posted 21-Oct-2020 08:34


Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS16211+
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13


Teletrac Navman launches integrated multi-camera solution for transport and logistics industry
Posted 8-Oct-2020 10:57


Farmside hits 10,000 RBI customers
Posted 7-Oct-2020 15:32









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.