Reverse Proxy

Websockets

As of LCOS FX 11.1 a Websocket option has been added to the settings of the individual proxy paths of a reverse proxy frontend. The Websocket option must be enabled to allow a websocket provided by the backend to be proxied correctly. For TLS websockets, the SSL option must be activated in both the frontend and the backend.

Figure 1. UTM > Reverse Proxy > Frontends > General



Preserve Host Header

In addition, a new option Preserve Host Header can be set to retain the host HTTP header when reverse proxying incoming HTTP requests. Depending on the application scenario, switching this option on or off can resolve problems in communication with the target server.

Access restrictions for reverse proxy front-ends

Figure 2. UTM > Reverse Proxy > Frontends > Restrictions



Table 1. Restrictions
Input field Description
Accessible for Individual reverse proxy front-ends can be provided with access restrictions here. If access restrictions are set up, then the reverse proxy front end is only accessible for the set users (or users who are members of a set group). A user is authenticated via the external portal. Local firewall users, LDAP users and groups, as well as users and groups of the identity provider set under User Authentication > External Portal > SAML are available for selection. If no restrictions are set up, the reverse proxy frontend can be used without prior authentication.

Wireguard

A previously defined wireguard connection can now also be selected from the selectable connections.

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de

LANCOM Logo