Channel: Nginx Forum - How to...

Re: Preserving Source IP using SSL Preread + OpenVPN

I have attempted this as well but so far no luck. I feel it is close but something may be missing.
Currently I have it listening on multiple ports in the stream block, and passing it back to the same server locally on another port.
I am able to view the source IP successfully on the website request, however not the VPN request.
Currently the only error I am experiencing is the one below.
This is a Windows RAAS VPN Server.

10.0.0.55 is the NGINX server handling all of the requests.
I have attached a screenshot of both the error and access logs.
For some reason the website requests are preserving the IP but the VPN requests are not.

Here is my web server block.
server {
    # "proxy_protocol" makes this listener expect the PROXY header sent by the stream block
    listen 9999 ssl proxy_protocol;
    ssl_certificate *;
    ssl_certificate_key *;
    server_name webserver;
    set $upstream 10.0.0.62;

    location / {
        proxy_pass_header Authorization;
        proxy_pass https://$upstream;
        proxy_set_header Host $host;
        proxy_redirect off;
        # client address taken from the PROXY header
        proxy_set_header X-Real-IP $proxy_protocol_addr;
        proxy_set_header X-Forwarded-For $proxy_protocol_addr;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
        proxy_buffering off;
        client_max_body_size 0;
        proxy_read_timeout 300;
        proxy_connect_timeout 300;
        index index.html index.htm;
        include /etc/nginx/mime.types;
    }
}


Here is the VPN server block
server {
    listen 9997 ssl proxy_protocol;
    ssl_certificate *;
    ssl_certificate_key *;
    server_name vpn;

    location / {
        proxy_pass https://192.168.2.3:443;
        proxy_pass_header Authorization;
        proxy_set_header Host $host;
        proxy_redirect off;
        proxy_set_header X-Real-IP $proxy_protocol_addr;
        proxy_set_header X-Forwarded-For $proxy_protocol_addr;
        proxy_set_header Connection "";
        proxy_buffering off;
        proxy_connect_timeout 10;
    }
}

Here is my stream block
stream {
    map $ssl_preread_server_name $name {
        server1.com server1;
        server2.com server2;
        server3.com server3;
    }

    upstream server1 {
        server 10.0.0.55:9997;
    }

    upstream server2 {
        server 10.0.0.55:9999;
    }

    upstream server3 {
        server 10.0.0.55:9998;
    }

    server {
        listen 443;
        proxy_protocol on;
        proxy_pass $name;
        ssl_preread on;
    }
}
