Using OpenVPN behind a reverse webproxy - Disable HTTPS/SSL on OpenVPN Webserver
Posted: Sun Jun 25, 2017 8:54 pm
Hello,
I have a rather complicated setup I am struggling with getting an OpenVPN AS working nicely with my reverse proxy.
I have a FreeBSD box with Nginx doing my SSL for my subdomains and reverse proxying to my webservers as needed. The network between the reverse proxy and my web servers is trusted. I wish to do a similar thing with the OpenVPN client login page. However, this requres that I disable SSL on the OpenVPN web server (Just the webserver - not the rest of the encryption for connecting tunnels - all client connections will be handled via another interface and associated network).
It already has two network interfaces - one into my Lan (which sits behind a NAT'd gateway and everything has internet access - appropriate ports have been forwarded to allow OpenVPN Client Tunnel Connections), and the other interface is to the private LAN with only the reverseproxy being the only other machine connected. All SSL web traffic will be done from the reverse proxy box, and so all traffic on this private lan need not be encrypted via an SSL HTTPS connection to the OpenVPN web server.
So, the TL;DR version of the question: How do I configure OPENVPN's Webserver to serve only HTTP non-SSL'd traffic (And not HTTPS/SSL'd traffic).
Cheers
I have a rather complicated setup I am struggling with getting an OpenVPN AS working nicely with my reverse proxy.
I have a FreeBSD box with Nginx doing my SSL for my subdomains and reverse proxying to my webservers as needed. The network between the reverse proxy and my web servers is trusted. I wish to do a similar thing with the OpenVPN client login page. However, this requres that I disable SSL on the OpenVPN web server (Just the webserver - not the rest of the encryption for connecting tunnels - all client connections will be handled via another interface and associated network).
It already has two network interfaces - one into my Lan (which sits behind a NAT'd gateway and everything has internet access - appropriate ports have been forwarded to allow OpenVPN Client Tunnel Connections), and the other interface is to the private LAN with only the reverseproxy being the only other machine connected. All SSL web traffic will be done from the reverse proxy box, and so all traffic on this private lan need not be encrypted via an SSL HTTPS connection to the OpenVPN web server.
So, the TL;DR version of the question: How do I configure OPENVPN's Webserver to serve only HTTP non-SSL'd traffic (And not HTTPS/SSL'd traffic).
Cheers