[Last updated on June 13, 2019] There may be instances when you'd want external users to access HTTP servers located behind your corporate firewall. A secure way of doing this is by allowing access to those servers through an HTTP reverse proxy. In this short tutorial, we'll show you the basic steps of achieving this using JSCAPE MFT Gateway.
So, for example, I have an HTTP web file transfer service running in my internal network with an IP address of 172.31.27.199 and I want that service to be accessible to external users but, at the same time, for security reasons, don't want those users to connect directly.
So, what I can do is install MFT Gateway on my DMZ on a machine with say public IP address 18.104.22.168 and set up MFT Gateway to run an HTTP reverse proxy that maps to that HTTP web file transfer service in my internal network.
Users can then connect to that file transfer service through the HTTP reverse proxy. And what this means is that, instead of connecting to 172.31.27.199, users will be connecting to 22.214.171.124 without even knowing it.
Watch the video
Would you prefer to watch a video version of this tutorial instead? You can play the video below. Otherwise, just skip it if you wish to continue reading.
Let me now show you how to set up something like this on JSCAPE MFT Gateway. I'll assume you already have an HTTP service running in the background and that it's reachable from your MFT Gateway instance.
Step 1: Launch the MFT Gateway Manager, go to Services and then click the Add button.
Step 2: Select HTTP from the Client Protocol drop-down list and leave the Server protocol as is. If you expand the Server protocol drop-down list, you'll notice that you can also connect to a remote HTTPS service. But for now, let's just leave that to its default value, which is HTTP.
Step 3: Specify the following service parameters.
Local host and port - The listening IP address and port number for the HTTP service on your JSCAPE MFT Gateway instance. This is where your users will be connecting to.
Remote host - The IP address and port number of your target HTTP server. This will be used by JSCAPE MFT Gateway to establish a reverse proxy connection. So, in my case, this is the IP address and port number of the web file transfer service in my internal network.
Enable URL Rewriting - For HTTP/S protocols you may need to have JSCAPE MFT Gateway rewrite certain HTTP/S headers and/or content. We won't be discussing that now but you can read more about Setting URL rewrite rules for more information.
Once complete, the HTTP reverse proxy service will be displayed in your Services panel as shown below.
So, now, if I want to connect to that web file transfer service, I just enter the IP address of my HTTP reverse proxy service on my web browser likeso.
That's it. Now you know how to set up a HTTP reverse proxy service using JSCAPE MFT Gateway.