CloudFlare pointing to my external IP address on esxi.domain.tld I've been googling this issue quite a bit, and have yet to find any solution. When I visit my ESXi UI via LAN, everything works great. But when running off Reverse Proxy it fails. I saw a few posts saying that a few different [902, 903, 7343] need to be port forwarded so I did that, and the issue persists. I am also getting WebSocket error 500 in Google Chrome console, but am unable to find any solid information on why it's giving 500.
Any help would be greatly appreciated, here's a bit of my setup and issue.
My webproxy config:
<VirtualHost *:80>
ServerName esxi.domain.tld
Redirect permanent / https://esxi.domain.tld
</VirtualHost>
<VirtualHost *:443>
ServerName esxi.domain.tld
ServerAdmin me@domain.tld
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyRequests Off
ProxyPreserveHost On
RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
RewriteRule .* ws://192.168.1.75:7343%{REQUEST_URI} [P]
ProxyPass /sdk/ https://192.168.1.75/sdk/
ProxyPassReverse /sdk/ https://192.168.1.75/sdk/
ProxyPass /ticket/ wss://192.168.1.75/ticket/
ProxyPassReverse /ticket/ wss://192.168.1.75/ticket/
ProxyPassMatch ^(/screen.*)$ https://192.168.1.75$1
ProxyPass / https://192.168.1.75/ui/ retry=1 keepalive=On
ProxyPassReverse / https://192.168.1.75/ui/
RequestHeader set X-Forwarded-HTTPS "0"
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/esxi.domain.tld/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/esxi.domain.tld/privkey.pem
</VirtualHost>
Issue persists, any support would be greatly appreciated. Thanks.
Hi,
1] redirect rules
To access to your esxi web console through apache proxy you need to redirect the trafic as you did (solve the 404 error)
#proxy configuration
ProxyPreserveHost On
SSLProxyEngine On
#Redirect wss trafic
ProxyPass /ticket/ wss://{esxiIPOrName}/ticket/
ProxyPassReverse /ticket/ wss://{esxiIPOrName}/ticket/
"Redirect web trafic
ProxyPass / https://{esxiIPOrName}/
ProxyPassReverse / https://{esxiIPOrName}/
2] enable ws tunel module
You need also to enable WS tunel in apache (in addition to mod proxy) to solve the error 500 :
a2enmod proxy_wstunnel
Then you need to restart apache and this worked for me.
I hope it will helps.
Regards.