Applications

Looking for a Reverse Proxy?

CONTACT US

The reverse proxy is a type of proxy server that retrieves resources on behalf of a client from one or more servers. These resources are then returned to the client, appearing as if they originated from the proxy server itself.

  • ApplicGate uses the http “Host” header to address the target server.
  • A public IP address can be shared by multiple servers.
  • Forwarding to the servers can be controlled by timers.
  • Https is supported.
  • IPv4 and IPv6 are supported.

Use Cases/TechInfo

Shortage of public IP Addresses?

If you have multiple web servers that should share one public IP address then this is the perfect solution for you. There is nothing to do at the client side!

TECHINFO
  • If there are too few public IP addresses available multiple servers can share one public IP address.
  • The target server is addressed by the reverse proxy using the http header “Host”.
  • The target server is selected using mapping tables (special groups).
  • Each mapping table entry consists of “host>destination”. Wildcards (*) are supported.
  • Multiple mapping tables can be configured.
  • Example:
    www.xyz.com>abc.xyz.com
    store.xyz.com>10.10.1.1
    *>10.10.1.2
  • Additionally local rules where SourceIP is “incoming” can be addressed:
    “host>local:RuleID
  • Now at the “incoming” routing entry all keywords for the connection to the destination can be specified (e.g. TLS parameters).
  • Example:
    abc.xyz.com>local:R1
  • To select this feature the keyword PRX must be specified within the routing entry.
SCHEMA
Reverse Proxy

Timer controlled forwarding

Different web pages or servers can be addressed depending on data or time.

TECHINFO
  • Different targets can be selected depending on timers configured for the group where the mapping table is stored.
  • Multiple intervals consisting of date, time and specification of weekdays can be configured.
  • This can be used to forward requests to different web servers (or the web server built in ApplicGate) depending on date and time e.g. when maintenance is planned.
SCHEMA
Reverse Proxy

Support of https

Requests can be forwarded to different target servers even if the connection is encrypted. The reverse web proxy decrypts the https session and forwards it to the requested target server (encrypted or clear text).

TECHINFO
  • The reverse proxy supports https.
  • In this case the TLS connection terminates at the reverse proxy.
  • The SSL keyword must refer to a server certificate that contains DNS names of all destination servers or appropriate wildcards.
  • The versions of the supported TLS protocols can be selected.
  • To use a TLS connection from the reverse proxy to the target server: Forward to a local rule and specify the keyword SSLTARGET
SCHEMA
Reverse Proxy wit https

IPv4 <-> IPv6 Conversion

IPv4 clients can reach IPv4 and IPv6 web servers, IPv6 clients can reach IPv4 and IPv6 web servers. This feature helps for IPv4 to IPv6 migration.

TECHINFO
  • The IP connection from the client terminates at the proxy server
  • For IPv4 and IPv6 separate routing entries must be configured.
  • Then the reverse proxy establishes a new connection to the target server.
  • Depending on the target address this can be an IPv4 or an IPv6 connection.
SCHEMA
Reverse Proxy

FAQ + Techblog

Q: Is ApplicGate available for Linux also?

A: Yes, it is. Send an email to contact@applicgate.com and we will be glad to send you a version built for Linux.

Looking for a Reverse Proxy?

How to tunnel UDP traffic over TCP

If you would like to secure UDP traffic via unsecure networks or network segments you can add authentication and encryption easily.

Subscribe to ApplicGate News

Interested in new use cases and ApplicGate applications? Subscribe to our newsletter and never miss a new topic!

Quick Contact Form