[SOGo] Fwd: Fwd: Login to SOGo from external- old,new question
Now after a lot of thinking and trying I came to an solution: Changing in my SOGo.conf all RequestHeader entries to my external IP RequestHeader set x-webobjects-server-port 443 RequestHeader set x-webobjects-server-name my.ext.i.p RequestHeader set x-webobjects-server-url https://my.ext.i.p; did the trick. But now my internal client has the same problem. Is there a way to show apache to set RequestHeader according to external and internal Ips? Or just grap the IP and set it to? Original-Nachricht Datum: Tue, 07 Aug 2012 10:51:32 +0200 Von: Daniel Müller danielmuell...@gmx.net An: users@sogo.nu Betreff: Fwd: Login to SOGo from external- old,new question NO one an idea? Or a solution? Greetings Daniel Original-Nachricht Datum: Mon, 06 Aug 2012 09:52:35 +0200 Von: Daniel Müller danielmuell...@gmx.net An: users@sogo.nu Betreff: Login to SOGo from external- old,new question Dear all, this is my X...attempt to configure SOGo-- Apache to be reached when I am outside the office. This Is my Apache alias-file in conf.d, Alias /SOGo/WebServerResources/ \ /usr/lib/GNUstep/SOGo/WebServerResources/ AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*) \ /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2 Directory /usr/lib/GNUstep/SOGo/ AllowOverride None Order deny,allow Allow from all /Directory LocationMatch ^/SOGo/so/ControlPanel/Products/.*UI/Resources/.*\.(jpg|png|gif|css|js) SetHandler default-handler /LocationMatch ## Uncomment the following to enable proxy-side authentication, you will then ## need to set the SOGoTrustProxyAuthentication SOGo user default to YES and ## adjust the x-webobjects-remote-user proxy header in the Proxy section ## below. #Location /SOGo # AuthType XXX # Require valid-user # SetEnv proxy-nokeepalive 1 # Allow from all #/Location ProxyRequests Off SetEnv proxy-nokeepalive 1 ProxyPreserveHost On # When using CAS, you should uncomment this and install cas-proxy-validate.py # in /usr/lib/cgi-bin to reduce server overloading # # ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py # Proxy http://localhost/app/cas-proxy-validate.py # Order deny,allow # Allow from your-cas-host-addr # /Proxy ProxyPass /SOGo http://127.0.0.1:2/SOGo retry=0 Proxy http://127.0.0.1:2/SOGo ## adjust the following to your configuration RequestHeader set x-webobjects-server-port 443 RequestHeader set x-webobjects-server-name 192.168.135.124 RequestHeader set x-webobjects-server-url https://192.168.135.124; ## When using proxy-side autentication, you need to uncomment and ## adjust the following line: # RequestHeader set x-webobjects-remote-user %{REMOTE_USER}e RequestHeader set x-webobjects-server-protocol HTTP/1.0 RequestHeader set x-webobjects-remote-host %{REMOTE_HOST}e env=REMOTE_HOST AddDefaultCharset UTF-8 Order allow,deny Allow from all /Proxy ## We use mod_rewrite to pass remote address to the SOGo proxy. # The remote address will appear in SOGo's log files and in the X-Forward # header of emails. RewriteEngine On RewriteRule ^/SOGo/(.*)$ /SOGo/$1 [env=REMOTE_HOST:%{REMOTE_ADDR},PT] Now I tried to create a new alias file EX.: outside.conf My router redirect all my https to the SOGo host, 217.XXX.XXX.XXX changed this lines to: ProxyPass /SOGo http://127.0.0.1:2/SOGo retry=0 Proxy http://127.0.0.1:2/SOGo ## adjust the following to your configuration RequestHeader set x-webobjects-server-port 443 RequestHeader set x-webobjects-server-name 217.XXX.XXX.XXX RequestHeader set x-webobjects-server-url https://217.XXX.XXX.XXX; restarted httpd service. Now I can reach the web-gui with https://217.XXX.XXX.XXX/SOGo successfull. But when I login it ends up with my local IP-Adress: https://192.XXX.XXX.124/SOGo/so/myuser/ and that is wrong, and the browser shows up page not found. How can I get here: https://217.XXX.XXX.XXX/SOGo/so/tester/ ? Daniel -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Fwd: Fwd: Login to SOGo from external- old,new question
Hello, I have used 'dnsmasq' internally in this case. This will replace/relay to your internal DNS server. It can override various 'internet' entries by having them in your hosts file: 192.168.0.1 my.dynamic.ip.hostname This means that queries to hit the dnsmasq server will receive the internal IP for my.dynamic.ip.hostname and public resolvers will hit the 'real' my.dynamic.ip.hostname. How this could be done otherwise is hard to say, multiple Apache configs listening on different IP/Port combinations is a good option. The problem is then the client config, it still wants to talk to the same hostname inside and outside the LAN. That or you use an internal name/address and use a VPN. Hope this helps Chris On 08/08/12 13:49, Daniel Müller wrote: Now after a lot of thinking and trying I came to an solution: Changing in my SOGo.conf all RequestHeader entries to my external IP RequestHeader set x-webobjects-server-port 443 RequestHeader set x-webobjects-server-name my.ext.i.p RequestHeader set x-webobjects-server-url https://my.ext.i.p; did the trick. But now my internal client has the same problem. Is there a way to show apache to set RequestHeader according to external and internal Ips? Or just grap the IP and set it to? Original-Nachricht Datum: Tue, 07 Aug 2012 10:51:32 +0200 Von: Daniel Müller danielmuell...@gmx.net An: users@sogo.nu Betreff: Fwd: Login to SOGo from external- old,new question NO one an idea? Or a solution? Greetings Daniel Original-Nachricht Datum: Mon, 06 Aug 2012 09:52:35 +0200 Von: Daniel Müller danielmuell...@gmx.net An: users@sogo.nu Betreff: Login to SOGo from external- old,new question Dear all, this is my X...attempt to configure SOGo-- Apache to be reached when I am outside the office. This Is my Apache alias-file in conf.d, Alias /SOGo/WebServerResources/ \ /usr/lib/GNUstep/SOGo/WebServerResources/ AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*) \ /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2 Directory /usr/lib/GNUstep/SOGo/ AllowOverride None Order deny,allow Allow from all /Directory LocationMatch ^/SOGo/so/ControlPanel/Products/.*UI/Resources/.*\.(jpg|png|gif|css|js) SetHandler default-handler /LocationMatch ## Uncomment the following to enable proxy-side authentication, you will then ## need to set the SOGoTrustProxyAuthentication SOGo user default to YES and ## adjust the x-webobjects-remote-user proxy header in the Proxy section ## below. #Location /SOGo # AuthType XXX # Require valid-user # SetEnv proxy-nokeepalive 1 # Allow from all #/Location ProxyRequests Off SetEnv proxy-nokeepalive 1 ProxyPreserveHost On # When using CAS, you should uncomment this and install cas-proxy-validate.py # in /usr/lib/cgi-bin to reduce server overloading # # ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py # Proxy http://localhost/app/cas-proxy-validate.py # Order deny,allow # Allow from your-cas-host-addr # /Proxy ProxyPass /SOGo http://127.0.0.1:2/SOGo retry=0 Proxy http://127.0.0.1:2/SOGo ## adjust the following to your configuration RequestHeader set x-webobjects-server-port 443 RequestHeader set x-webobjects-server-name 192.168.135.124 RequestHeader set x-webobjects-server-url https://192.168.135.124; ## When using proxy-side autentication, you need to uncomment and ## adjust the following line: # RequestHeader set x-webobjects-remote-user %{REMOTE_USER}e RequestHeader set x-webobjects-server-protocol HTTP/1.0 RequestHeader set x-webobjects-remote-host %{REMOTE_HOST}e env=REMOTE_HOST AddDefaultCharset UTF-8 Order allow,deny Allow from all /Proxy ## We use mod_rewrite to pass remote address to the SOGo proxy. # The remote address will appear in SOGo's log files and in the X-Forward # header of emails. RewriteEngine On RewriteRule ^/SOGo/(.*)$ /SOGo/$1 [env=REMOTE_HOST:%{REMOTE_ADDR},PT] Now I tried to create a new alias file EX.: outside.conf My router redirect all my https to the SOGo host, 217.XXX.XXX.XXX changed this lines to: ProxyPass /SOGo http://127.0.0.1:2/SOGo retry=0 Proxy http://127.0.0.1:2/SOGo ## adjust the following to your configuration RequestHeader set x-webobjects-server-port 443 RequestHeader set x-webobjects-server-name 217.XXX.XXX.XXX RequestHeader set x-webobjects-server-url https://217.XXX.XXX.XXX; restarted httpd service. Now I can reach the web-gui with https://217.XXX.XXX.XXX/SOGo successfull. But when I login it ends up with my local IP-Adress: https://192.XXX.XXX.124/SOGo/so/myuser/ and that is wrong, and the browser shows up page not found. How can I get here: https://217.XXX.XXX.XXX/SOGo/so/tester/ ? Daniel -- users@sogo.nu https://inverse.ca/sogo/lists
Fwd: [SOGo] Fwd: Fwd: Login to SOGo from external- old,new question
Thinking about SERVER_ADDR in apache. Tried to substitute server-name and url like this: RequestHeader set x-webobjects-server-name SERVER_ADDR RequestHeader set x-webobjects-server-url https://SERVER_ADDR; So the IP can be danymic loaded when I request from internal with 192.xxx.xxx.xxx and when I request from outside with 213.xxx.xxx.xxx. But do not know how to parse the SERVER_ADDR into the url or name. Can someone point me a way. --- Original-Nachricht Datum: Wed, 08 Aug 2012 13:49:55 +0200 Von: Daniel Müller danielmuell...@gmx.net An: users@sogo.nu Betreff: [SOGo] Fwd: Fwd: Login to SOGo from external- old,new question Now after a lot of thinking and trying I came to an solution: Changing in my SOGo.conf all RequestHeader entries to my external IP RequestHeader set x-webobjects-server-port 443 RequestHeader set x-webobjects-server-name my.ext.i.p RequestHeader set x-webobjects-server-url https://my.ext.i.p; did the trick. But now my internal client has the same problem. Is there a way to show apache to set RequestHeader according to external and internal Ips? Or just grap the IP and set it to? Original-Nachricht Datum: Tue, 07 Aug 2012 10:51:32 +0200 Von: Daniel Müller danielmuell...@gmx.net An: users@sogo.nu Betreff: Fwd: Login to SOGo from external- old,new question NO one an idea? Or a solution? Greetings Daniel Original-Nachricht Datum: Mon, 06 Aug 2012 09:52:35 +0200 Von: Daniel Müller danielmuell...@gmx.net An: users@sogo.nu Betreff: Login to SOGo from external- old,new question Dear all, this is my X...attempt to configure SOGo-- Apache to be reached when I am outside the office. This Is my Apache alias-file in conf.d, Alias /SOGo/WebServerResources/ \ /usr/lib/GNUstep/SOGo/WebServerResources/ AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*) \ /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2 Directory /usr/lib/GNUstep/SOGo/ AllowOverride None Order deny,allow Allow from all /Directory LocationMatch ^/SOGo/so/ControlPanel/Products/.*UI/Resources/.*\.(jpg|png|gif|css|js) SetHandler default-handler /LocationMatch ## Uncomment the following to enable proxy-side authentication, you will then ## need to set the SOGoTrustProxyAuthentication SOGo user default to YES and ## adjust the x-webobjects-remote-user proxy header in the Proxy section ## below. #Location /SOGo # AuthType XXX # Require valid-user # SetEnv proxy-nokeepalive 1 # Allow from all #/Location ProxyRequests Off SetEnv proxy-nokeepalive 1 ProxyPreserveHost On # When using CAS, you should uncomment this and install cas-proxy-validate.py # in /usr/lib/cgi-bin to reduce server overloading # # ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py # Proxy http://localhost/app/cas-proxy-validate.py # Order deny,allow # Allow from your-cas-host-addr # /Proxy ProxyPass /SOGo http://127.0.0.1:2/SOGo retry=0 Proxy http://127.0.0.1:2/SOGo ## adjust the following to your configuration RequestHeader set x-webobjects-server-port 443 RequestHeader set x-webobjects-server-name 192.168.135.124 RequestHeader set x-webobjects-server-url https://192.168.135.124; ## When using proxy-side autentication, you need to uncomment and ## adjust the following line: # RequestHeader set x-webobjects-remote-user %{REMOTE_USER}e RequestHeader set x-webobjects-server-protocol HTTP/1.0 RequestHeader set x-webobjects-remote-host %{REMOTE_HOST}e env=REMOTE_HOST AddDefaultCharset UTF-8 Order allow,deny Allow from all /Proxy ## We use mod_rewrite to pass remote address to the SOGo proxy. # The remote address will appear in SOGo's log files and in the X-Forward # header of emails. RewriteEngine On RewriteRule ^/SOGo/(.*)$ /SOGo/$1 [env=REMOTE_HOST:%{REMOTE_ADDR},PT] Now I tried to create a new alias file EX.: outside.conf My router redirect all my https to the SOGo host, 217.XXX.XXX.XXX changed this lines to: ProxyPass /SOGo http://127.0.0.1:2/SOGo retry=0 Proxy http://127.0.0.1:2/SOGo ## adjust the following to your configuration RequestHeader set x-webobjects-server-port 443 RequestHeader set x-webobjects-server-name 217.XXX.XXX.XXX RequestHeader set x-webobjects-server-url https://217.XXX.XXX.XXX; restarted httpd service. Now I can reach the web-gui with https://217.XXX.XXX.XXX/SOGo successfull. But when I login it ends up with my local IP-Adress: https://192.XXX.XXX.124/SOGo/so/myuser/ and that is wrong, and the browser shows up page not found. How can I get here: https://217.XXX.XXX.XXX/SOGo/so/tester/ ? Daniel -- users@sogo.nu https://inverse.ca/sogo/lists -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Fwd: Fwd: Login to SOGo from external- old,new question
On Aug 8, 2012, at 6:49 AM, Daniel Müller wrote: Is there a way to show apache to set RequestHeader according to external and internal Ips? Or just grap the IP and set it to? That is what DNS is for. Assign a hostname and domain. IPs are so messy. But why do you need to have the internal IP? Is it not reachable from behind your network.-- users@sogo.nu https://inverse.ca/sogo/lists