VMware Cloud Community
locknlol
Contributor
Contributor
‎08-22-2018 07:41 PM

External Apache2 reverse proxy -> "Failed to connect" browser console.

CloudFlare pointing to my external IP address on esxi.domain.tld I've been googling this issue quite a bit, and have yet to find any solution. When I visit my ESXi UI via LAN, everything works great. But when running off Reverse Proxy it fails. I saw a few posts saying that a few different [902, 903, 7343] need to be port forwarded so I did that, and the issue persists. I am also getting WebSocket error 500 in Google Chrome console, but am unable to find any solid information on why it's giving 500.

Any help would be greatly appreciated, here's a bit of my setup and issue.

My webproxy config:

<VirtualHost *:80>
        ServerName esxi.domain.tld
        Redirect permanent / https://esxi.domain.tld
</VirtualHost>
<VirtualHost *:443>
        ServerName esxi.domain.tld
        ServerAdmin me@domain.tld
        SSLProxyEngine on
        SSLProxyVerify none
        SSLProxyCheckPeerCN off
        SSLProxyCheckPeerName off
        SSLProxyCheckPeerExpire off
        ProxyRequests Off
        ProxyPreserveHost On
        RewriteEngine on
        RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
        RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
        RewriteRule .* ws://192.168.1.75:7343%{REQUEST_URI} [P]
        ProxyPass /sdk/ https://192.168.1.75/sdk/
        ProxyPassReverse /sdk/ https://192.168.1.75/sdk/
        ProxyPass /ticket/ wss://192.168.1.75/ticket/
        ProxyPassReverse /ticket/ wss://192.168.1.75/ticket/
        ProxyPassMatch ^(/screen.*)$ https://192.168.1.75$1
        ProxyPass / https://192.168.1.75/ui/ retry=1 keepalive=On
        ProxyPassReverse / https://192.168.1.75/ui/
        RequestHeader set X-Forwarded-HTTPS "0"
        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLCertificateFile /etc/letsencrypt/live/esxi.domain.tld/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/esxi.domain.tld/privkey.pem
</VirtualHost>

esxi.png

0 Kudos
2 Replies
locknlol
Contributor
Contributor
‎08-26-2018 01:19 PM

Issue persists, any support would be greatly appreciated. Thanks.

0 Kudos
Froggiz
Contributor
Contributor
‎02-27-2019 11:48 AM

Hi,

1] redirect rules

To access to your esxi web console through apache proxy you need to redirect the trafic as you did (solve the 404 error)

#proxy configuration

ProxyPreserveHost On

SSLProxyEngine On

#Redirect wss trafic

ProxyPass /ticket/ wss://{esxiIPOrName}/ticket/

ProxyPassReverse /ticket/ wss://{esxiIPOrName}/ticket/

"Redirect web trafic

ProxyPass / https://{esxiIPOrName}/

ProxyPassReverse /  https://{esxiIPOrName}/

2] enable ws tunel module

You need also to enable WS tunel in apache (in addition to mod proxy) to solve the error 500 :

a2enmod proxy_wstunnel

Then you need to restart apache and this worked for me.

I hope it will helps.

Regards.

wiki.frogg.fr
0 Kudos