Reference12r1:Services/Reverse-Proxy: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
(→Hosts) |
||
(3 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
See [[Reference12r1:Concept_Reverse_Proxy]] for General | See [[Reference12r1:Concept_Reverse_Proxy]] for General information | ||
== General Parameters == | == General Parameters == | ||
Line 7: | Line 7: | ||
;LDAP, LDAPs: Ports for incoming LDAP TCP or TLS Connections. Use 389 and 636 for the Standard ports. | ;LDAP, LDAPs: Ports for incoming LDAP TCP or TLS Connections. Use 389 and 636 for the Standard ports. | ||
;HTTP, HTTPS: Ports for incoming HTTP TCP or TLS Connections. Use 80 and 443 for the Standard ports. | ;HTTP, HTTPS: Ports for incoming HTTP TCP or TLS Connections. Use 80 and 443 for the Standard ports. | ||
;Log Forwarded Requests: activate protocol dependent logging for successfully forwarded / accepted requests | |||
;Log Rejected Requests: activate protocol dependent logging for rejected / non-accepted requests | |||
;Blacklist Expiration: Time in minutes after which an entry put in the blacklist automatically, will be removed from the blacklist. | ;Blacklist Expiration: Time in minutes after which an entry put in the blacklist automatically, will be removed from the blacklist. | ||
;Suspicious | ;Suspicious Requests/min: Threshold to put an address into the blacklist | ||
== Hosts == | == Hosts == | ||
List of configured hosts. Click on the host Name to edit or delete. Use new to add new host | List of configured hosts. Click on the host Name to edit or delete. Use new to add new host | ||
;Out | |||
:Destination IP for this rule following by the plain text port | |||
;TLS | |||
:Port for encrypted traffic | |||
;Check Certificate | |||
:If the Check Certificate checkmark is set, for the internal connection TLS is used only if the received certificate matches the user name within the protocol. This way a host receiving a request through the Reverse Proxy using TLS can assume that the connection was authenticated using a valid certificate, which matches the user. | |||
;Network | |||
:''adddr:network'' to restrict a configured protocol to certain networks | |||
== Counter == | == Counter == | ||
Current top ten address with | Current top ten address with suspicious requests | ||
== Addresses == | == Addresses == | ||
Blacklist/Whitelist addresses | Blacklist/Whitelist addresses |
Latest revision as of 17:02, 10 September 2019
See Reference12r1:Concept_Reverse_Proxy for General information
General Parameters
- H.323/TCP, H.323/TLS
- Ports for incoming H.323 TCP or TLS Connections. Use 1720 and 1300 for the standard ports.
- SIP/TCP, SIP/TLS
- Ports for incoming SIP TCP or TLS Connections. Use 5060 and 5061 for the standard ports.
- LDAP, LDAPs
- Ports for incoming LDAP TCP or TLS Connections. Use 389 and 636 for the Standard ports.
- HTTP, HTTPS
- Ports for incoming HTTP TCP or TLS Connections. Use 80 and 443 for the Standard ports.
- Log Forwarded Requests
- activate protocol dependent logging for successfully forwarded / accepted requests
- Log Rejected Requests
- activate protocol dependent logging for rejected / non-accepted requests
- Blacklist Expiration
- Time in minutes after which an entry put in the blacklist automatically, will be removed from the blacklist.
- Suspicious Requests/min
- Threshold to put an address into the blacklist
Hosts
List of configured hosts. Click on the host Name to edit or delete. Use new to add new host
- Out
- Destination IP for this rule following by the plain text port
- TLS
- Port for encrypted traffic
- Check Certificate
- If the Check Certificate checkmark is set, for the internal connection TLS is used only if the received certificate matches the user name within the protocol. This way a host receiving a request through the Reverse Proxy using TLS can assume that the connection was authenticated using a valid certificate, which matches the user.
- Network
- adddr:network to restrict a configured protocol to certain networks
Counter
Current top ten address with suspicious requests
Addresses
Blacklist/Whitelist addresses