In need of a firewall that can perform reverse proxy - Routers

This is a discussion on In need of a firewall that can perform reverse proxy - Routers ; A friend of mine purchased an entry-level Linksys firewall/router for her small business and discovered that the port forwarding doesn't quite meet her needs. The router allows you to forward requests made to a specific port to a designated machine ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: In need of a firewall that can perform reverse proxy

  1. In need of a firewall that can perform reverse proxy

    A friend of mine purchased an entry-level Linksys firewall/router for her
    small business and discovered that the port forwarding doesn't quite meet
    her needs. The router allows you to forward requests made to a specific port
    to a designated machine behind the firewall (e.g. you can forward requests
    to port 80 to a Web server). The limitation is that it can only forward a
    given port to a single IP address. She would ideally like to forward
    requests by host header (e.g. mail.mydomain.com) to different machines in
    order to host Web apps (including an SSL-enabled OWA site) on different
    servers. From what I've read, this is commonly known as reverse proxy.

    I know that Microsoft's ISA Server can do this, but I was hoping to find a
    network applicance that could handle it so that she doesn't have to dedicate
    a box to the job. I did some research and found the following candidates
    (although it's not actually clear that all of them perform reverse proxy):

    Blue Coat ProxySG

    Cisco Content Engine (or "Content Switch", or "Local Director) -- really not
    sure which one, and awaiting a call from Cisco technical sales

    SonicWall TZ190 or Pro 2040 -- awaiting call from technical sales rep to
    confirm features

    Has anyone had experience with these firewalls or any others that you'd be
    willing to recommend?

    Thanks in advance,
    Darryl R.



  2. Re: In need of a firewall that can perform reverse proxy

    Darryl,
    You don't need reverse proxy for that. You just need a router with a
    slightly more capable firewall.
    A standard Cisco or netgear router will do this. You need Access Lists that
    control what traffic is allowed in, on what port, to what address. You also
    need NAT to translate the internal server address to the public IP.
    You can use ISA server, but it is much more expensive and capable than you
    need for this purpose.
    Reverse Proxy is something else. It acts as an intermediary between the
    external browser and the internal service so there is no direct connection.
    The traffic is rewritten by the proxy. You don't need that here,
    Anthony


    "DarrylR" wrote in message
    news:5bCdnd8994DQ8eHanZ2dnUVZ_hqdnZ2d@comcast.com. ..
    >A friend of mine purchased an entry-level Linksys firewall/router for her
    >small business and discovered that the port forwarding doesn't quite meet
    >her needs. The router allows you to forward requests made to a specific
    >port to a designated machine behind the firewall (e.g. you can forward
    >requests to port 80 to a Web server). The limitation is that it can only
    >forward a given port to a single IP address. She would ideally like to
    >forward requests by host header (e.g. mail.mydomain.com) to different
    >machines in order to host Web apps (including an SSL-enabled OWA site) on
    >different servers. From what I've read, this is commonly known as reverse
    >proxy.
    >
    > I know that Microsoft's ISA Server can do this, but I was hoping to find a
    > network applicance that could handle it so that she doesn't have to
    > dedicate a box to the job. I did some research and found the following
    > candidates (although it's not actually clear that all of them perform
    > reverse proxy):
    >
    > Blue Coat ProxySG
    >
    > Cisco Content Engine (or "Content Switch", or "Local Director) -- really
    > not sure which one, and awaiting a call from Cisco technical sales
    >
    > SonicWall TZ190 or Pro 2040 -- awaiting call from technical sales rep to
    > confirm features
    >
    > Has anyone had experience with these firewalls or any others that you'd be
    > willing to recommend?
    >
    > Thanks in advance,
    > Darryl R.
    >




+ Reply to Thread