logo

The ConnectWise Control forum has moved to ConnectWise University! This forum has been locked and is in read-only mode. Click here for instructions on how to access the new forum.

Welcome Guest! You can not login or register.

Notification

Icon
Error

Options
Go to last post Go to first unread
milkman  
#1 Posted : Friday, July 24, 2015 1:04:51 PM(UTC)
milkman


Rank: Newbie

Joined: 7/24/2015(UTC)
Posts: 1
United States
Location: Atlanta, GA

Greetings,

So we are attempting to do something that we have seen done by others here but for some reason it isn't working out for us. We are hoping there are some experts out there that may be able to help.

Here is our setup:

ScreenConnect Relay & Web are running on (1) Debian server in our DMZ.

uname -a
Linux [Hostname] 3.2.0-4-686-pae #1 SMP Debian 3.2.65-1+deb7u2 i686 GNU/Linux

web.config
<add key="WebServerListenUri" value="http://+:8040/">
</add>
<add key="WebServerAddressUri" value="http://support.[domain].com/">
</add>
<add key="RelayListenUri" value="relay://+:8041/">
</add>

Reverse Proxy & SSL are running on (1) CentOS 7 server outside the DMZ.

uname -a
Linux [Hostname] 3.10.0-229.1.2.el7.x86_64 #1 SMP [DateTime] x86_64 GNU/Linux
httpd -version
Server Version: Apache/2.4.6 (CentOS)

httpd.conf - Virtual Host lines
Listen 80
Listen 443
<VirtualHost *:443>
SSLEngine on
#SSLProxyEngine on
#SSLProxyVerify none
#SSLProxyCheckPeerCN off
#SSLProxyCheckPeerName off
#SSLProxyCheckPeerExpire off
#SSLCertificateFile /etc/httpd/ssl/
SSLCertificateFile /etc/httpd/ssl/[certname].crt
SSLCertificateKeyFile /etc/httpd/ssl/[certname].key
SSLCACertificateFile /etc/httpd/ssl/[certname].crt
#ServerAdmin webmaster@localhost
#ProxyRequests Off
#ProxyPreserveHost On
#AllowEncodedSlashes NoDecode
#<Proxy *>
# Order deny,allow
# Allow from all
#</Proxy>
ProxyPass / http://[scip]:8040/ disablereuse=on ConnectionTimeout=600 Timeout=600
ProxyPassReverse / http://[scip]:8040/
KeepAliveTimeout 0
# RequestHeader set X-Forwarded-Proto "https"
# RequestHeader set X-Forwarded-Port "443"
</VirtualHost>

<VirtualHost *:80>
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{HTTP_HOST}
</VirtualHost>

#<VirtualHost *:8041>
# RewriteEngine off
# RewriteCond %{HTTPS} !=on
# RewriteRule (.*) https://%{HTTP_HOST}
#</VirtualHost>

I left the commented out portions to show the various changes we have tried.

Yesterday we were able to get the proxy to forward to the correct server with SSL but no sessions would connect.

In our firewall we have ports 80,443,8040, and 8041 open and passing.

As of today with the current config we just get a 503 Service Unavailable from our Apache server.

Any ideas?

Thank you for anyone willing to help with this. I can't stop having nightmares of Apache servers chasing me. Please help. :)

sjc4llc  
#2 Posted : Monday, July 27, 2015 12:33:06 AM(UTC)
sjc4llc


Rank: Newbie

Joined: 6/2/2014(UTC)
Posts: 6

This is my 2 cents.

<add key="WebServerListenUri" value="http://127.0.0.1:8040/"> // close this port in the firewall. Its local only

we use nginx for a reverse proxy and it works perfectly.
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.