Url Rewrite, one of the many modules that can be added on to the IIS web-server to make this a very versatile tool can be used to perform a variety of tasks, including allowing you to setup your IIS webserver as a reverse-proxy server to some other back-end HTTP or HTTPS service like TotalView. A reverse proxy is a network device that takes in traffic coming from the Internet (for example) and forwards this traffic to a backend server on your private network, allowing that backend server to be accessible to people who are not necessarily connected to your network.
Setting up IIS with URL rewrite as a reverse proxy with SSL offloading for a backend or Local TotalView server.
The Following tasks need to be performed on the TotalView Server or a seperate windows server:
- Install Webserver (IIS) Role on a separate server or on the TotalView Server
- Install an SSL Certificate if needed on the IIS server for that will be proxying for TotalView
- Install URL Rewrite (See Directions Below)
- Take in requests from the end users of TotalView using SSL
- Route these requests to the backend application server using HTTP on port 8084 (Default TotalView Port)
- Enable Basic or AD Authentication to further secure Access to the TotalView Server
- Turn off Anonymous Access if required
- Test Setup
Below is the diagram of the setup we wish to accomplish using IIS as a reverse proxy server:
Install URL Rewrite
The first step is to install the add-on module for URL Rewrite. With Windows Server 2012 R2, you can use the Microsoft Web Platform Installer (WebPI) to download and install the URL Rewrite Module. Just search for ‘URL Rewrite’ in the search options and click ‘Add’. You can also download the extension from IIS.net – http://www.iis.net/downloads/microsoft/url-rewrite .
Once the module is installed in IIS, you will see a new Icon in the IIS Administration Console, called URL Rewrite. This icon is present at the level or each site and web-application you have on the server and will allow you to configure re-write rules that will apply from that level downwards.
Setup a Reverse Proxy rule using the Wizard.
- Open the IIS Manager Console and click on the Default Web Site from the tree view on the left. Select the URL Rewrite Icon from the middle pane, and then double-click it to load the URL Rewrite interface.
- Chose the ‘Add Rule’ action from the right pane of the management console, and the select the ‘Reverse Proxy Rule’ from the ‘Inbound and Outbound Rules’ category.
- Proceed to fill in the routing information
- Specify the TotalView Server name or IP Address and the Port Number (8084) or localhost:8084 if you are running this on the IIS server on the TotalView server.
- Enable SSL Offloading if you are going to use an SSL communications to the Proxy Host that will be forwarded to the TotalView Sever.
Finally, Disable LoopbackChecking
Click Start, click Run, type regedit, and then click OK.
Locate and then click the following registry subkey:
Right-click Lsa, point to
New, and then click DWORD Value.
Type DisableLoopbackCheck, and then press ENTER.
Right-click DisableLoopbackCheck, and then click Modify.
In the Value data box, type
1, and then click OK.
Exit Registry Editor.
Restart the computer.
The basic setup for the reverse proxy is now complete, with IIS able to capture incoming traffic and forward it to the backend server.