locknlol
Contributor
Contributor

External Apache2 reverse proxy -> "Failed to connect" browser console.

CloudFlare pointing to my external IP address on esxi.domain.tld I've been googling this issue quite a bit, and have yet to find any solution. When I visit my ESXi UI via LAN, everything works great. But when running off Reverse Proxy it fails. I saw a few posts saying that a few different [902, 903, 7343] need to be port forwarded so I did that, and the issue persists. I am also getting WebSocket error 500 in Google Chrome console, but am unable to find any solid information on why it's giving 500.

Any help would be greatly appreciated, here's a bit of my setup and issue.

My webproxy config:

<VirtualHost *:80>

        ServerName esxi.domain.tld

        Redirect permanent / https://esxi.domain.tld

</VirtualHost>

<VirtualHost *:443>

        ServerName esxi.domain.tld

        ServerAdmin me@domain.tld

        SSLProxyEngine on

        SSLProxyVerify none

        SSLProxyCheckPeerCN off

        SSLProxyCheckPeerName off

        SSLProxyCheckPeerExpire off

        ProxyRequests Off

        ProxyPreserveHost On

        RewriteEngine on

        RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]

        RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]

        RewriteRule .* ws://192.168.1.75:7343%{REQUEST_URI} [P]

        ProxyPass /sdk/ https://192.168.1.75/sdk/

        ProxyPassReverse /sdk/ https://192.168.1.75/sdk/

        ProxyPass /ticket/ wss://192.168.1.75/ticket/

        ProxyPassReverse /ticket/ wss://192.168.1.75/ticket/

        ProxyPassMatch ^(/screen.*)$ https://192.168.1.75$1

        ProxyPass / https://192.168.1.75/ui/ retry=1 keepalive=On

        ProxyPassReverse / https://192.168.1.75/ui/

        RequestHeader set X-Forwarded-HTTPS "0"

        Include /etc/letsencrypt/options-ssl-apache.conf

        SSLCertificateFile /etc/letsencrypt/live/esxi.domain.tld/fullchain.pem

        SSLCertificateKeyFile /etc/letsencrypt/live/esxi.domain.tld/privkey.pem

</VirtualHost>

esxi.png

0 Kudos
2 Replies
locknlol
Contributor
Contributor

Issue persists, any support would be greatly appreciated. Thanks.

0 Kudos
Froggiz
Contributor
Contributor

Hi,

1] redirect rules

To access to your esxi web console through apache proxy you need to redirect the trafic as you did (solve the 404 error)

#proxy configuration

ProxyPreserveHost On

SSLProxyEngine On

#Redirect wss trafic

ProxyPass /ticket/ wss://{esxiIPOrName}/ticket/

ProxyPassReverse /ticket/ wss://{esxiIPOrName}/ticket/

"Redirect web trafic

ProxyPass / https://{esxiIPOrName}/

ProxyPassReverse /  https://{esxiIPOrName}/

2] enable ws tunel module

You need also to enable WS tunel in apache (in addition to mod proxy) to solve the error 500 :

a2enmod proxy_wstunnel

Then you need to restart apache and this worked for me.

I hope it will helps.

Regards.

wiki.frogg.fr
0 Kudos