DSM6 - AllowConnect to serve a http-proxy for vpn- and ssh-clients

Questions about HTTP Access/Mods may go here
Forum rules
Please note the disclaimer before modifying your Synology Product.
User avatar
Hathor27
Apprentice
Apprentice
Posts: 99
Joined: Sat Feb 21, 2009 4:09 pm
Location: Switzerland

DSM6 - AllowConnect to serve a http-proxy for vpn- and ssh-clients

Postby Hathor27 » Mon Apr 18, 2016 9:56 pm

Dear Community,

with DSM 5.2 (and older) I could serve a http-proxy for external VPN- and SSH-Clients through a secure namebased access. The virtualhost config looked like below:

Code: Select all

<VirtualHost *:80>
  ServerName vp.myDomain.ch
  ServerAlias ip42.internalDomain.local
  DocumentRoot /var/services/web/bla/
 
  ## Only ever allow incoming HTTP CONNECT requests.
  ## Explicitly deny other request types like GET, POST, etc.
  ## This tells Apache to return a 403 Forbidden if this virtual
  ## host receives anything other than an HTTP CONNECT.
  RewriteEngine On
  RewriteCond %{REQUEST_METHOD} !^CONNECT [NC]
  RewriteRule ^/(.*)$ - [F,L]

  ## Setup proxying between vp.myDomain.ch:80 and ip42.internalDomain.local:1194
  ProxyRequests On
  ProxyBadHeader Ignore
  ProxyVia Full

  AllowCONNECT 1194  # here could also stay 22 for ssh

  ## IMPORTANT: By default, deny everyone.  If you don't do this
  ## others will be able to connect to port 1149 on any host.
  <Proxy *>
    Order deny,allow
    Deny from all
  </Proxy>

  ## Now, only allow CONNECT requests bound for ip42.internalDomain.local
  <ProxyMatch (ip42\.internalDomain\.local)>
    Order allow,deny
    Allow from all
  </ProxyMatch>

  ## Logging, always a good idea.
  LogLevel warn
  #LogLevel debug
  ErrorLog /var/log/vpnserver-proxy_error_log
  CustomLog /var/log/vpnserver-proxy_request_log combined
</VirtualHost>


I tried to do the same within DSM 6.0 but I can't get it run.
My personal config file is either ignored or even deleted (!) by restarting Webserver :cry:

Does anybody out there know how to solve this in DSM 6.0?
Best Regards
Hathor27

Hardware: DS107+/DS207+/DS109+/DS209+/DS409/DS211+/DS214+/DS215+/DS716+
Featured: WebAlizer/VPN/ReverseProxy/MailServer/CloudServer/DNS/DHCP/CMS/Syslog/Subversion

Return to “HTTP/Apache Mods”

Who is online

Users browsing this forum: No registered users and 1 guest