Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4
13908 posts

Uber Geek
+1 received by user: 2468

Trusted
Subscriber

  Reply # 1569204 10-Jun-2016 10:16
Send private message

Paul1977:

 

timmmay:

 

You may be ok with one IP. Does ActiveSync address the server by domain name or by IP?

 

 

By domain name, but I'd still need a reverse proxy for this to work wouldn't I since ports 80 and 443 need to be forwarded to different internal servers depending on the requested URL?

 

I was hoping it might be possible to avoid needing a reverse proxy by having multiple public IPs.

 

 

Well, you can't easily get more static IPs, so a reverse proxy seems to be the answer. It's easy to put an Nginx server in your DMZ then proxy_pass requests through to private internal IPs based on the domain name or domain + path requested.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer




2145 posts

Uber Geek
+1 received by user: 616


  Reply # 1569224 10-Jun-2016 10:30
Send private message

timmmay:

 

Paul1977:

 

timmmay:

 

You may be ok with one IP. Does ActiveSync address the server by domain name or by IP?

 

 

By domain name, but I'd still need a reverse proxy for this to work wouldn't I since ports 80 and 443 need to be forwarded to different internal servers depending on the requested URL?

 

I was hoping it might be possible to avoid needing a reverse proxy by having multiple public IPs.

 

 

Well, you can't easily get more static IPs, so a reverse proxy seems to be the answer. It's easy to put an Nginx server in your DMZ then proxy_pass requests through to private internal IPs based on the domain name or domain + path requested.

 

 

Yeah, looks that way :(

 

I'm not a linux man at all, so I think some reading will be required!


13908 posts

Uber Geek
+1 received by user: 2468

Trusted
Subscriber

  Reply # 1569227 10-Jun-2016 10:36
Send private message

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


Awesome
4794 posts

Uber Geek
+1 received by user: 1060

Trusted
Subscriber

  Reply # 1569228 10-Jun-2016 10:36
Send private message

I run Apache on windows for my reverse proxy at home. Pretty easy to configure, lots of online support and it's very lightweight.

 

I was using IIS but that is a lot heavier, and the machine I was running it on is very low spec so Apache runs much better.





Twitter: ajobbins


13908 posts

Uber Geek
+1 received by user: 2468

Trusted
Subscriber

  Reply # 1569229 10-Jun-2016 10:40
Send private message

Nginx is super lightweight, fast, scalable, and easy to set up compared with Apache. It uses around 10MB of RAM and little CPU. I run Nginx on my website, which isn't high volume but gets millions of hits per month. I prefer it to Apache.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer




2145 posts

Uber Geek
+1 received by user: 616


  Reply # 1569251 10-Jun-2016 11:08
Send private message

timmmay:

 

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.

 

 

I'll give it a try myself first.

 

Can I just use Ubuntu Desktop? I assume it's just NGINX Open Source that I want, not NGINX Plus?


892 posts

Ultimate Geek
+1 received by user: 268

Trusted

  Reply # 1569256 10-Jun-2016 11:22
Send private message

Use Ubuntu server 14.04LTS or 16.04LTS, centos 7 or Debian 8. Don't use desktop OS.

Are you using UFB? I could get one of the sales guys here to quote you a multi IP solution over UFB if you think it would be easier.







2145 posts

Uber Geek
+1 received by user: 616


  Reply # 1569259 10-Jun-2016 11:25
Send private message

darylblake: Use Ubuntu server 14.04LTS or 16.04LTS, centos 7 or Debian 8. Don't use desktop OS.

Are you using UFB? I could get one of the sales guys here to quote you a multi IP solution over UFB if you think it would be easier.

 

Multi IP would be easier, but would rather not have to change providers if possible. I'll see how this goes first.

 

Thanks


892 posts

Ultimate Geek
+1 received by user: 278


  Reply # 1569275 10-Jun-2016 11:41
Send private message

Paul1977:

 

timmmay:

 

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.

 

 

I'll give it a try myself first.

 

Can I just use Ubuntu Desktop? I assume it's just NGINX Open Source that I want, not NGINX Plus?

 

 

You usually install Linux software, if at all possible, with the package manager.  In ubuntu desktop that's "Software Center."  Search in there for nginx.


892 posts

Ultimate Geek
+1 received by user: 268

Trusted

  Reply # 1569277 10-Jun-2016 11:43
Send private message

No worries mate.

Heres a config yo get you started.. I have not tested it all but you should be able to get a rough idea.

 

I would do a minimum install of Ubuntu server 16.04. 

 

apt-get update it to latest repos.

 

then sudo apt-get install nginx

 

Then i would use a config like this: 

 

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

 

events {
worker_connections 1024;
}

 

http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

 

access_log /var/log/nginx/access.log main;

 

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;

 

include /etc/nginx/mime.types;
default_type application/octet-stream;

 

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

 

#port 80 config
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass http://internal.webserver.mycompany.com:80/;
}
error_page 404 /404.html;
location = /40x.html {
}

 

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

 

#FTP port 443 config
server {
listen 443 default_server;
listen [::]:443 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass https://internal.webserver.mycompany.com/:443;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

 

#FTP port 21 config
server {
listen 21 default_server;
listen [::]:21 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass ftp://internalftpserver.mycompany.com:21/;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}

 

 

 

dont take it as gospel, but it should be enough to give you an idea on how to do it. 






892 posts

Ultimate Geek
+1 received by user: 278


  Reply # 1569279 10-Jun-2016 11:44
Send private message

deadlyllama:

 

Paul1977:

 

timmmay:

 

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.

 

 

I'll give it a try myself first.

 

Can I just use Ubuntu Desktop? I assume it's just NGINX Open Source that I want, not NGINX Plus?

 

 

You usually install Linux software, if at all possible, with the package manager.  In ubuntu desktop that's "Software Center."  Search in there for nginx.

 

 

<sales>And if you need a consultant to set it up for you, I could build you an haproxy setup.  It's what we use for our customer hosting system, it's pretty simple, and even possible to stick SSL webservers behind it.</sales>




2145 posts

Uber Geek
+1 received by user: 616


  Reply # 1569330 10-Jun-2016 11:55
Send private message

darylblake:

 

No worries mate.

Heres a config yo get you started.. I have not tested it all but you should be able to get a rough idea.

 

I would do a minimum install of Ubuntu server 16.04. 

 

apt-get update it to latest repos.

 

then sudo apt-get install nginx

 

Then i would use a config like this: 

 

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

 

events {
worker_connections 1024;
}

 

http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

 

access_log /var/log/nginx/access.log main;

 

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;

 

include /etc/nginx/mime.types;
default_type application/octet-stream;

 

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

 

#port 80 config
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass http://internal.webserver.mycompany.com:80/;
}
error_page 404 /404.html;
location = /40x.html {
}

 

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

 

#FTP port 443 config
server {
listen 443 default_server;
listen [::]:443 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass https://internal.webserver.mycompany.com/:443;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

 

#FTP port 21 config
server {
listen 21 default_server;
listen [::]:21 default_server;
server_name _;
root /usr/share/nginx/html;

 

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

 

location / {
proxy_pass ftp://internalftpserver.mycompany.com:21/;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}

 

 

 

dont take it as gospel, but it should be enough to give you an idea on how to do it. 

 

 

Thanks Daryl, much appreciated. Just installing Ubuntu now, so I let you know how I get on.




2145 posts

Uber Geek
+1 received by user: 616


  Reply # 1569331 10-Jun-2016 12:00
Send private message

deadlyllama:

 

Paul1977:

 

timmmay:

 

Nginx is pretty easy, and I think it runs on Unix. If this is for business you may find it's better to get a consultant in to set up the Linux system and the Nginx rules. Setting up Ubuntu, installing Nginx, setting up the rules, not that difficult, but you may want immediate support if something goes wrong - that requires an SLA or contract.

 

 

I'll give it a try myself first.

 

Can I just use Ubuntu Desktop? I assume it's just NGINX Open Source that I want, not NGINX Plus?

 

 

You usually install Linux software, if at all possible, with the package manager.  In ubuntu desktop that's "Software Center."  Search in there for nginx.

 

 

Thanks


3395 posts

Uber Geek
+1 received by user: 396

Trusted

  Reply # 1569332 10-Jun-2016 12:00
One person supports this post
Send private message

Paul1977:

 

darylblake: The other option is you could buy more IP's.

 

This seemed like a good idea, but Spark have come back and said "We can only assign one Static IP to each broadband connection I am afraid. This is a system issue, not a business rule."

 

I tend to take what Spark first level support tell me with a grain of salt, as I have been given incorrect info in the past.

 

Can anyone confirm if the above is definitely the case? @cbrpilot do you have any knowledge about this?

 

Thanks

 

 

 

 

Seriously - why make your life so much harder because you have a crappy ISP who cannot offer basic features a business ISP should be able to? Virtually every business ISP should be able to provide multiple static IPv4 (we had a routed /29 subnet over VDSL once with Unleash). 2degrees/Snap definitely does this also as I am sure DTS etc. do too.

 

 

 

They should all be able to offer you a decent size IPv6 subnet. If the mobile carriers deployed IPv6 you could almost get away with running activesync IPv6 only..








2145 posts

Uber Geek
+1 received by user: 616


  Reply # 1569339 10-Jun-2016 12:07
Send private message

Zeon:

 

Paul1977:

 

darylblake: The other option is you could buy more IP's.

 

This seemed like a good idea, but Spark have come back and said "We can only assign one Static IP to each broadband connection I am afraid. This is a system issue, not a business rule."

 

I tend to take what Spark first level support tell me with a grain of salt, as I have been given incorrect info in the past.

 

Can anyone confirm if the above is definitely the case? @cbrpilot do you have any knowledge about this?

 

Thanks

 

 

Seriously - why make your life so much harder because you have a crappy ISP who cannot offer basic features a business ISP should be able to? Virtually every business ISP should be able to provide multiple static IPv4 (we had a routed /29 subnet over VDSL once with Unleash). 2degrees/Snap definitely does this also as I am sure DTS etc. do too.

 

 They should all be able to offer you a decent size IPv6 subnet. If the mobile carriers deployed IPv6 you could almost get away with running activesync IPv6 only..

 

 

It's surprising that Spark don't do it when others do. But right now it's a matter of weighing up which is more of a pain, changing ISPs or getting a reverse proxy working.


1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34


Enable doubles fibre broadband speeds for its most popular wholesale service in Christchurch
Posted 2-Jun-2018 20:07


All or Nothing: New Zealand All Blacks arrives on Amazon Prime Video
Posted 2-Jun-2018 16:21


Innovation Grant, High Tech Awards and new USA office for Kiwi tech company SwipedOn
Posted 1-Jun-2018 20:54


Commerce Commission warns Apple for misleading consumers about their rights
Posted 30-May-2018 13:15


IBM leads Call for Code to use cloud, data, AI, blockchain for natural disaster relief
Posted 25-May-2018 14:12


New FUJIFILM X-T100 aims to do better job than smartphones
Posted 24-May-2018 20:17


Stuff takes 100% ownership of Stuff Fibre
Posted 24-May-2018 19:41



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.